The Flashback Trojan for Apple's Mac OSX already infected over 600.000 Machines, according to @hexminer on twitter. There is an existing Java Security Update from Apple, all users should update immediately.
Apple is too slow in releasing security fixes - the last known security holes in Mac OSX Java took Apple over 6 months to fix.
F-Secure shows how to secure your Mac by disabling Java. Lion does not come with Java by default, although most of the times it is installed afterwards (running Java applets or Java applications, the Systems asks to install the Java package).
The Flashback Trojan hides as Adobe Flash Player, so the most secure thing to do is to remove Java and Flash from your system. Adobe Flash still does not completely work with Mac OSX Lion, bugs that were reported by Nanofunk over 6 months ago are still open.
Gizmodo posted a simple way how to test if you are infected:
Run the following command in Terminal:
defaults read /Applications/Safari.app/Contents/Info LSEnvironment
Take note of the value, DYLD_INSERT_LIBRARIES
The expected output should be:
"The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist"
Then, run this command:
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
"The domain/default pair of (/Users/joe/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist"
"does not exist" means you've got a healthy rig. If there is any other message, keep following F-Secure's instructions to vanquish the intruder.
Apple released Mac OSX Lion 10.7.1 updates today, with the following release notes:
The 10.7.1 update is recommended for all users running OS X Lion and includes general operating system fixes that enhance the stability and compatibility of your Mac, including fixes that:
- Address an issue that may cause the system to become unresponsive when playing a video in Safari
- Resolve an issue that may cause system audio to stop working when using HDMI or optical audio out
- Improve the reliability of Wi-Fi connections
- Resolve an issue that prevents transfer of your data, settings, and compatible applications to a new Mac running OS X Lion
For detailed information on this update, please visit this website: http://support.apple.com/kb/HT4764.
There is not much fixed, at least not for the reported issues such as SSD TRIM support for non-apple SSDs and the well known flash issues.
Still, Seems more stable. There is a seperate update for 10.7.1 Server and another update specific to the latest MacBook Air and Mac mini models, adding a few additional fixes. (via macrumors)