
'Secure Apple' ignores serious Java flaw

21 May 2009


Despite the fact it has been used

Apple, which claims to have the most secure operating system in the world, is apparently the last outfit in the universe to come up with a fix for a dangerous Java vulnerability.

While every other operating system has fixed the flaw, Apple seems to be sticking its iHands over its collective iEars about the problem, which allows a hacker to completely bypass the Java sandbox and execute arbitrary code remotely in Java-enabled web browsers.

The flaw was found by Sami Koivu, first reported on August 1st 2008, and fixed by Sun in December. Security outfits had been nice to Apple by not talking about it while the outfit came up with a patch. However, when Apple dragged its feet on creating one, the CRO blog felt that it needed to warn MacOS users that they should shut down Java on their browser.

That site says it is close to the holy grail of client-side vulnerabilities, as it has a huge attack surface and it suffers from many other security vulnerabilities. Apparently there are already a few exploits out there, so maybe your Apple is not as secure as you thought.