Mac security holes found. You may have a trojan horse.

Make sure you update your Mac asap. For the longest time, Mac users thought that they were immune to viruses. The truth is that until recently, there just weren’t enough Macs in the market to make economic sense for virus authors to go after. This trojan horse now marks the beginning of Macs joining mainstream PC users as virus targets. The party is over! Please get your Mac updated.

Apple released a Java 1.6.0_31 update for OS X on Tuesday that claims to deliver “improved compatibility, security, and reliability.” The patch closes multiple vulnerabilities found in Java 1.6.0_29, the most serious of which allows malicious code to be executed just by visiting a compromised website. The update is available from Software Update on any Mac running Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, or Lion Server v10.7.3.

Russian security firm Doctor Web claims that attackers began to exploit the Java vulnerability on March 16th which Apple closed with the release of the Java update on April 3rd. Dr. Web now estimates that about 600,000 Macs, most of which reside in the US (55 percent) and Canada (19.8 percent), are now infected members of the Flashback botnet. The company also notes that some four million compromised web-pages could be found in Google search results at the end of March with some users claiming infection by visiting sites as mainstream as

Security company F-Secure has instructions for detecting and deleting the Flashback botnet on infected computers.