how do i know if i have java installed?

RL22 wrote:

I do not have Java installed.

Read my posts. You might not have the JRE installed, but you do have other Java components, so I surmise that Java's installed, but not very useful unless JRE is also installed. Apple's notice is grammatically incorrect. To preclude the malware from affecting you, disable Java in your browsers. That's all you have to do.

RL22 wrote:

MacMacs0

Thanks for your reply, and for reminding me to update my profile (mac pro and 10.7.3)

What you said makes sense.

I installed Lion on top of Snow Leopard.

However, I realize I mis-read and mis-quoted the Software Update notice...it actually says :"This update is recommended for all Mac users with Java installed."

I do not have Java installed.

So I'm questioning your comment that said I should just install whatever Software Update recommends and that it knows whether or not I have Java installed.....

OK, I have not seen any other user report that. Lion users running Software Update have been told to install one of two updates, depending on whether or not they have Java installed.

If they do not have Java installed, they should be shown the words in this document http://support.apple.com/kb/DL1517

If they do have Java installed, Software Updates will show them the words from here http://support.apple.com/kb/DL1515

Assuming you installed one or the other you can find out which by Launching System Preferences->Software Update->Installed Updates tab and it will list either Java for OS X Lion 2012-003 or Flashback malware removal tool.

Have you opened Java Preferences (found in /Applications/Utilities/) to check as jsd2suggested?

The info on Apple's page here

Flashback malware removal tool

includes

------------------

This update removes the most common variants of the Flashback malware. This update contains the same malware removal tool as Java for OS X 2012-003.

.

This update is recommended for all OS X Lion users without Java installed.

------------------

I think first of all, that "without Java installed" in this context means "without a Java runtime installed," which is the default configuration for Lion. Those users who do have a Java runtime installed would have been offered the "Java for OS X 2012-003" update instead, which includes the same removal tool.

Second, as to why Apple suggests you run the tool even without having a Java runtime installed - as mentioned, there is the possibility of acquiring a Flashback-K infection before a user upgraded from Snow Leopard to Lion, but there may be another reason as well.

Earlier versions of Flashback installed payloads similar to current versions, but did not use Java as a means of delivering them - they were genuine Trojans, posing as a Flash installer to get you to give your password - that's where the name came from. Apple's software tool description says "common variants [plural] of the Flashback malware, and so it may include these non-Java versions of Flashback. The removal tool offered by F-Secure behaves this way - if you look on their descriptive pages for Flashback A, Flashback-B, and Flashback-C - - all trojans which do not use Java at all - - they all link to the same removal tool that Flashback recently introduced to remove the later Java versions. It's possible that Apple's tool may also act on such earlier non-Java versions, further supporting a recommendation to use it even if a Java runtime is not installed.

You don't really need to analyze anything yourself - just install whatever Software Update suggests.