Thursday, May 3, 2012 at 12:49PM Apple has released Apple FIPS Cryptographic Module c1.1 which contains Apple's FIPS 140-2 Administration Tools. This tools should be use by organizations that require the use of the FIPS 140-2 validated cryptographic module. Users need to download the file from Apple at the following address.
http://support.apple.com/kb/DL1518
Condition:GREEN Thursday, April 12, 2012 at 05:15PM Apple has released APPLE-SA-2012-04-12-1 Java for OS X 2012-003 and Java for Mac OS X 10.6 Update 8 for Mac OSX which disables the Web Plug-In when it is not used for 35 days. This update also includes a removal tool and check for FlashBack.
After the update if you plan to use Java you should review the setting in the Security Preference.App.
http://www.magmatic.com/apple-security-muse/2012/2/23/java-hardening-tips.html
**Important note: If Java is not installed Software Update will not update Java, this should be the case for OSX Lion Servers and Clients that have never used Java.
Software Update Information
This Java security update removes the most common variants of the Flashback malware.This update also configures the Java web plug-in to disable the automatic execution of Java applets. Users may re-enable automatic execution of Java applets using the Java Preferences application. If the Java web plug-in detects that no applets have been run for an extended period of time it will again disable Java applets.
Condition:GREEN 
