It was initially thought that up to 600,000 machines were affected by the malware, which poses as a plug-in for web browsers but can take remote command of Macs and harvest data such as passwords and user names.
However, new data suggests that the actual number of Macs infected by the malware is around 270,000. The issue is not to do with the Mac OS X operating system, but is down to a flaw in the Java web plug-in.
Apple, which has been criticised over its slugging response to the largest Mac threat on record, said in a post on its Support Forum that a fix has now been issued.
The company said that the Java security update "removes the most common variants of the Flashback malware".
"This update also configures the Java web plug-in to disable the automatic execution of Java applets. Users may re-enable automatic execution of Java applets using the Java Preferences application," said Apple.
"If the Java web plug-in detects that no applets have been run for an extended period of time it will again disable Java applets."
Apple recommended that all Mac users with Java installed should download the update. The company is also said to be working with internet service providers to "disable" the networks which are sustaining the malware.
Meanwhile, security company Norton has seized on the Mac Flashback Trojan outbreak by issuing a free tool that it claims will detect and remove the malware.
Oracle, which took over Java when it bought Sun, issued a fix for the Java flaw in February, but Apple delayed issuing the update to its Java users, enabling hackers to exploit the vulnerability.
> Apple Mac 'rare' prototype goes on sale for almost $100,000