The cybersecurity community raked Apple Inc over the coals on Wednesday, saying the company had dragged its heels on eradicating malware that experts say may have infected up to 600,000 Macintosh computers and can be used to ferret out sensitive user information.
The consumer electronics company said it was working on finding and ridding "Flashback" malware that exploits a flaw in Oracle Corp's Java software. Apple has issued patches and is now developing software to detect and eliminate Flashback, it said on its website. The company declined to elaborate.
But Apple is catching heat for not having quickly addressed the issue, even after Oracle distributed its own patch in February.
Several security blogs accused Apple of having not been forthcoming in the past about security issues, but gave the company credit for stepping forward now.
"Someone in Apple has broken ranks following the recent revelations of a Jolly Big OS X botnet," Paul Ducklin at security specialist Sophos wrote. "Apple has -- apparently for the very first time -- talked about a security problem before it had all its threat response ducks in a row."
Trojans and other malware typically target Microsoft Windows, long the dominant PC operating system. Flashback stands out in that it represents one of the largest-scale invasions of Apple computers, which are gaining ground on Windows PCs.
Antivirus specialists Symantec Corp said the malware surfaced last summer or early fall. It said the number of infected computers, which hackers link into botnets to access private information, had dropped to 270,000 as of this week.