*UPDATE, Feb. 20, 1:18 p.m.: This article originally linked to an outdated Apple support page. The correct link to the support page where you can download the latest security update is here: http://support.apple.com/kb/DL1572?viewlocale=en_US&locale=en_US
Original post: Mac users, and I am one, tend to be a little blasé when it comes to computer security. That’s becoming less and less justified. If you’ve ignored my increasingly dire entreaties to disable the Java plug-in on your Web browsers because you use a Mac and figured you were safe, perhaps this will get your attention: On Tuesday, Apple disclosed that its own employees’ computers were infected with Java-related malware when they visited a compromised website. (The site, an iPhone development hub, is likely the same one that speared Facebook and Twitter in recent weeks, AllThingsD’s Mike Isaac reports. It’s called iPhoneDevSDK, and you should not visit it for any reason. At all.)
Those who have already disabled Java on their browsers can rest easy, as usual. Those who haven’t, and who use Macs, can now rid themselves of the world’s worst plug-in by taking one simple step. Just visit this Apple support page* and download the update, which, once installed, will automatically disable Java in all of your browsers at once. (You’ll need to close all of your browsers before installing.)
Alternatively, you can find the update in the “Updates” tab on your App Store if you’re using OS X 10.7 or later (Lion or Mountain Lion). If you have OS X 10.6, there’s a good chance you’ve already downloaded a similar update that Apple made available earlier this month, but you can still check the “Updates” tab on your App Store to make sure.
For more background on how to disable the Java plug-in, including instructions for PC users, feel free to peruse previous installments of what’s becoming quite the regular feature here on Future Tense:
Jan. 14, 2013: No, Seriously, Just Disable Java in Your Browser Right Now