Dancemanleo wrote:
There is some built in Malware protection on computers running snow leopard and up. you can go to the apple support website and look up HT4651 for more information.
typically in cases where exploits are found (Flashback being a recent example) apple usually releases software updates to patch the issue.
If you want an extra layer of protection you can always turn the firewall on in system pref.
The XProtect feature in OS X only checks files downloaded by programs like Safari. XProtect does not scan active Java processes, so the exploit allows bypassing of XProtect.
The patch that Apple released only closes the hole that allows for the exploit, and does not get rid of it on a system that has already been infected. To do this you will either need to remove it manually or use an updated malware scanner that can at least quarantine the malware: http://reviews.cnet.com/8301-13727_7-57410096-263/how-to-remove-the-flashback-ma lware-from-os-x/?tag=txt;title
The firewall prevents incoming attacks, but will not protect against a process that is allowed to run on your system, as is the case with Java here, so it will not protect against this type of attack. The main purpose of the firewall is to prevent exploits of network protocols, open ports, and other direct communications aspects of the system (of which there are many in these days of ever-increasing connectivity).