...more recent posts
There is a bug in Quicktime's java handling that opens a pretty serious security hole allowing a malicious website to compromise a users system. This is pretty embarrassing for Apple, not just because it's a serious security hole, but also because it allows for Windows systems with Quicktime installed to be compromised as well (and any computer with iTunes installed has Quicktime installed.) This effects both Firefox (Windows or Mac) and Safari when browsing with java turned on (java, not javascript.) Turning off java in your browser preferences closes the hole. People should definitely do this until a fix is released. (And while this doesn't make it any better - you most likely won't notice any difference browsing with java off since almost no sites use client side java applets.)