Oracle has released an early patch for the vulnerable Java version 7 that has led to a raft of malware using zero-day Java exploits. The patch was originally expected to be released during Oracle's usual quarterly patch schedule, in October. Given the severity of this issue, we're grateful to the developers who undoubtedly worked long hours to rush this update out to fix the problem.
It's highly recommended, if you have Java version 7, that you update it immediately with Java 7 Update 7. If you are running Java version 6 Oracle still advises for you to update, to Java 6 Update 35.