How fan denial works down the years:
We are immune to viruses --> We don't have viruses on the platform --> There are viruses but none of them are in the wild --> That wasn't a virus, it was malware.
The distinction between a virus and malware has always been just word play in my opinion. From what I've read over the years, most viruses seem benign, while a lot of malware can actually do you serious financial damage.
Anyway, the Mac community woke up a few days back with the news that 600,000 Macs were hit by a drive-by trojan based on an unpatched Java flaw.
Unpatched on the Mac at least. Because Oracle fixed the flaw in February, but Apple didn't bother to do anything about it until last week, when the press (quite rightly) gave them an online spanking.
Now we're hearing a lot of nonsense from the apologists, none of which really holds water:
1/. This isn't Apple's fault. It's a Java problem.
No, Apple took on the responsibility for this when they refused to use Sun's JDK years ago. They should have patched it in February when the flaw was discovered.
2/. It can't affect your OS unless you enter your admin password.
True, but who cares about the OS? I can get that reinstalled in about 15 minutes. The trojan will install and run from your user space without a password, which makes it a drive-by. Most malware installations are not interested in the OS; they're interested in your personal information, and where does that live?
3/. So? Just install the patch and shut up!
Well, the patch is all well and good, but it doesn't actually fix a machine that is already infected. Apple (of course) hasn't bothered to relay that tiny detail to its user base. Why? Well, I imagine that they're having a hard time wording the phrase "You might need anti-virus software" so that it sounds like a good thing.