This exploit is in the wild and affects Windows, Mac, and Linux based operating systems. It also appears that running anti-virus software or firewalls may not prevent this issue from affecting you. The most likely way of being impacted by this virus is through your web browser. If you are using Firefox to access the web, it appears that the No-Script add-on may provide some protection from this exploit.
Disabling the Java plug-in for your web browser will make you less vulnerable. This document from CERT can tell you how to disable Java in your browser, and give you a little more technical information on the issue.
Oracle, the company that distributes and maintains Java, also has a set of instructions to disable Java here.
Here is what is being said about this problem:
Oracle said it will issue a patch Tuesday that contains "86 new security vulnerability fixes." It added that "due to the threat posed by a successful attack, Oracle strongly recommends" that customers update Java on their computers with the patch as soon as possible.
Via
Mercury News
Note: the patch will not be released until TUESDAY - updating Java now will not resolve this issue!
The U.S. Department of Homeland Security is advising people to temporarily disable the Java software on their computers to avoid potential hacking attacks.
Via
HuffPost
The Department of Homeland Security noted that "reports indicate this vulnerability is being actively exploited" by cybercrooks, who could use the flaw to lure computer users to virus-infected websites. Some crooks already are selling "exploit kits" to other crooks to take advantage of Java's problems, said Liam Murchu, a researcher with Mountain View security firm Symantec.
Via
Mercury News
Murchu said Symantec has determined that its Norton anti-virus software can block current versions of malware designed to take advantage of the Java vulnerabilities. So if a person has Norton installed on their computer, he said, "theoretically they shouldn't need to disable Java."
However, he said, crooks may issue new types of malware that might temporarily evade Symantec's software. "So if you really wanted to be safe," he suggested disabling Java until it can be updated with Oracle's patch.
Via
Mercury News
Please heed the warnings and disable Java until this issue is resolved. For those of you who use Thunderbird for email, don't forget to disable Java there too.