Anyone using Sun's Java Runtime Environment on their system should be aware of various flaws
recently discovered that could put your machine at risk. Announcing the holes in a security advisory, Sun already has fixes available in the newer versions of the JRE. Many of these bugs are platform-independent, making the need to update all that more important.
The flaws, said Sun, are due to errors in the "reflection" APIs, and can be leveraged by attackers using maliciously-crafted applets to read and write files on the compromised system's hard drive, or execute programs. Sun, as is its practice, kept mum on details of the vulnerabilities.
The latest version of the JRE at updates 5 or 6 is not affected. If you are using Windows or Linux, it's just a matter of downloading and running the installer.