While Apple moved fairly quickly to release software tools for OS X Lion and Snow Leopard to remove the Flashback malware from infected systems and patch the Java vulnerability it exploited, users of earlier operating system versions have remained vulnerable.
Apple addressed that issue today for users of Mac OS X 10.5 Leopard, releasing Leopard Flashback Removal Security Update to clean infected systems and disable the Java plug-in in Safari.
This update removes the most common variants of the Flashback malware. If the Flashback malware is found, a dialog will notify you that malware was removed. In some cases, the update may need to restart your computer in order to completely remove the Flashback malware.
To improve the security of your Mac, this update also disables the Java plug-in in Safari. For instructions on how to re-enable it, please visit: http://support.apple.com/kb/HT5241.
The update weighs in at 1.23 MB and requires Mac OS X 10.5.8.
On a separate note, Apple also released Leopard Security Update 2012-003, which automatically disables out-of-date versions of Adobe Flash Player for security reasons. The update weighs in at 1.11 MB and requires Mac OS X 10.5.8.
This update disables versions of Adobe Flash Player that do not include the latest security updates and provides the option to get the current version from Adobe's website.
Apple included similar functionality for Lion and Snow Leopard systems in Safari 5.1.7 released last week alongside OS X 10.7.4.
Today's software releases for Mac OS X Leopard mark the first significant software updates for the operating system since the debut of OS X Lion in mid-2011.