Oracle’s latest Java update 1.7 for Java 7 has a security hole that can be exploited from various operating systems and web browsers. These attacks install the Poison Ivy Remote Access Trojan and Windows, Linux and Mac computers running Internet Explorer, Firefox, Safari, Opera and Chrome are at risk. These attacks are supposedly coming from China and will install a remote administration Trojan that connects to a command and control server located in Singapore. The Trojan will allow the execution of arbitrary code on vulnerable systems without user interaction.
So far the attacks have not been too widespread and Oracle has not come up with a fix and there may not be one soon enough. Oracle releases its patches quarterly and the next one is not due until October. Many security analysts are recommending turning of Java until the problems is resolved and only using it in must have cases on sites you trust. You can also go to Java’s website and click the Do I have Java? link to see what version you have. If you have an older version be sure not to update until the next version is out.