News and Notes from the Makers of Nexus | Sonatype Blog

Mac Java Hole Exploited By Wild Flashback Trojan Strain

Written by Ali Loney | April 02, 2012

April 2, The Register – (International) Mac Java hole exploited by wild Flashback Trojan strain. Security watchers have discovered a strain of Mac-specific malware that exploits an unpatched vulnerability in Java. A variant of the Flashback Trojan exploiting CVE-2012-0507 (a Java vulnerability) was spotted in the wild, F-Secure warns. Oracle patched the vulnerability for Windows machines in February, but has yet to issue a fix for Mac OS X — creating a window of opportunity for virus writers. F-Secure advises Mac users to disable Java, which is not needed to visit most websites. Some banking websites mandate the use of Java, in which case security-conscious Mac users can re-enable Java for the duration of their session before turning it off again, the security firm suggests.