The zero day flaw have hit java right in its face. Apparently the java apllets can be tricked into invoking *.exe files unless the file is sufficiently secure. Oooh oracle!!! What have you done to Java.
Only Java7 is vulnerable to this attack. So if you are not updated, you need not worry.
Seriously guys, what have oracle done to Java? Such things never used to happen when Sun was incharge. Huh!!!