Java for OS X Lion 2012-001 and Java for Mac OS X 10.6 Update 7
Apple has released Java for OS X Lion 2012-001 and Java for Mac OS X 10.6 Update 7, which both address a vulnerability in the Java framework that can be exploited by the Flashback malware. Ars Technica reported on Monday that the latest variant of the malware can utilize a Java vulnerability “to hijack Macs even when users don’t enter an administrative password.” According to Apple’s security overview for this update, this can occur when visiting a Web page
that is running an untrusted Java applet. (For more about Flashback, see “Beware the Morphing Flashback Malware,” 27 February 2012.) The update is available via Software Update and direct download. (Free, 66.9 MB and 79.7 MB)
It appears that Apple has re-released the Java update for Lion, labeling it Java for OS X Lion 2012-002, but making no changes in the release notes or security details. We presume it's the same version of Java, perhaps with a fix for some glitch that Apple discovered in the 001 release.
Indeed.