Update: April 12, 2012
Apple re-released the Java patches for 10.6 and 10.7 today. Patches include a Flashback removal tool. The easiest way Mac users can protect their machines and remove Flashback is to run Software Update.
April 6, 2012
A new Mac OS X trojan called Flashback has infected roughly 600,000 Macs worldwide. Flashback exploits a Java vulnerability, which is now patched for Mac OS X 10.6.x (Snow Leopard) and Mac OS X 10.7.x (Lion).
Infection may occur on systems that are not fully patched with the latest security updates, available via the automatic Software Update mechanism or manually. Also, if you are running nearly any antivirus software or tools such as Little Snitch, your system is likely not infected. All users should follow best practices to avoid malware, which includes not clicking unknown/untrusted links, checking for and applying operating system (OS) updates and security patches daily, and running current antivirus software. Free antivirus software is available to all UW-Madison users.
Learn more about the Flashback trojan and how to tell if a Mac is infected, instructions to remove the trojan if a system is infected, and additional news about Flashback.