- Avoid running the system on a daily basis with an admin account. An attacker that will gain control on this account will obtain anyway limited privileges.
- Use volume encryption Apple’s FileVault tool, which allows encryption and decryption on the fly, protecting your information always.
http://thehackernews.com/2014/11/rootpipe-critical-mac-os-x-yosemite.html (read the article about how easy your mac - so safe they safe - can be totally hacked quite easily)
this advice is crap because it doesn't give you any protection
First of all you will probably have installed enough users with admin credentials and given a number of games and software rights to the root. The best thing to do is to make a new account with very limited rights - no installs for the time being so that no 'admin rights' are becoming a gateway for the attacker
Secondly the encryption of your information on your harddisk is not necessarily a protection if you are 'ROOTED' because the hacker will be able to have, access or see your information from the root without any encryption. He will become a trusted user or process because he will have assigned these rights and trust to himself. Encryption is a protection when you want to transfer that information to an unknown destination or over an unknown channel.
How bad is the possible infection and defect
it is something that we haven't seen in Windows for years, is coming back in full force for linux and Mac is in fact a nice cover put on the motor of OPENBSD which is in fact a kind of linux
When will it be corrected
well, that is another matter of discussion because they will try to have it upgraded and tested before the middle of january which means another two months
this means another two months that you will have to be extremely careful with downloads and links and all that kind of stuff
some advice that is useful
make a folder on your D drive and install all your downloads (files, films and so on) in that folder
use only online email and don't download anything you don't have to
close down your firewall and give very limited rights to all the programs
install several free antimalwares or one professional macintosh anti malware package
scan and update your machine BEFORE you start surfing
use Firefox or Chrome as a browser and close them down with as little possibilities as necessary