Oracle Java released an update to Java SE 6 and Java SE 7.
Edited to clarify: Included in the Oracle updates are eighty-eight (88) new critical security fixes across numerous Oracle products, listed in the Oracle Critical Patch Update Advisory. It is strongly advised that the update be installed for those products as soon as possible due to the thread posed by a successful attack.
Of course this is one of the most widespread botnets to hit Windows PCs, but still, it’s only one of many that are out there for PCs. And although Microsoft made similar mistakes as Apple in regard to malware/viruses/botnets initially, they made up for it in time. They even put out their own antivirus/antimalware program – Microsoft Security Essentials for free to home users to help protect their users. But even with their experience with these things for many years and learning from their mistakes, there is this…
Concern about Conficker reached a crescendo when the mainstream media, including major television networks, reported that the worm would update itself on April 1, 2009. Because of the size of the Conficker botnet — estimates ran as high as 12 million at that point — and other mysteries, hype ran at fever pitch.
It also urged all Windows users to ensure they have applied the pertinent patch — MS08-067 — and for Windows XP and Vista machines, the March update that disables AutoRun.
One day after a Google security researcher released code to expose a flaw that affects every release of the Windows NT kernel — from Windows NT 3.1 (1993) up to and including Windows 7 (2009) — Microsoft dropped a security advisory to acknowledge the issue and warn of the risk of privilege escalation attacks.
Microsoft was notified about the issue in June 2009 and has still not fixed the vulnerability.
Interesting to note that x64 is not affected and valid credentials are needed for the system to be compromised.
Obviously x64 (64-bit) Windows 7 would be the best option and making sure your system is protected by a strong password would be helpful either way.
However, on x32 (32-bit) Windows, any version of Windows could be compromised given the right Trojan cocktail even if the system is password protected.