Earlier this week, Apple released a Java security update, 2012-001, to patch the Flashback vulnerability that a security company claims affected 600,000 Macs.
Late this evening, we are getting reports from readers that a new version of the Java update is becoming available via Software Update.
The latest update, Java for OS X 2012-002, supersedes the -001 update Apple released earlier this week, and indeed the KB article linked from the -002 update is still the -001 version (below).
Update: Apple sent a note out to its Java Community, below, with the ‘why’ (small issue they are the same but for a few symlinks and version numbers.)
Today we re-shipped our Java 1.6.0_31 for OS X Lion today to address a critical issue we found in Xcode and the Application Loader tool. This new “Java for OS X 2012-002” package is effectively identical to “Java for OS X 2012-001”, with the exception of a few symlinks and version numbers.
For the sake of expediency, we have re-rolled the automatic update as our standard full combo updater, with the hope that most users have not yet been presented with 2012-001. We considered creating a delta update for users who already installed 001, but that would have made the process of getting these fixes to you take longer.
We apologize for the inconvenience, and would like to offer our thanks to the developers who caught this issue and reported it to us as quickly as they did. This issue only impacts Lion users, so Snow Leopard users have nothing to reinstall.
Over the next few days, we will catch up with producing updated release notes, tech notes, and developer packages with the revised 002 version numbers.
Manual download links: Java for OS X 2012-002: <http://support.apple.com/kb/DL1515> Java for Mac OS X 10.6 Update 7: <http://support.apple.com/kb/DL1516>