A critical flaw in Sun's
Java Runtime Environment has been patched
by Sun. The vulnerability, which we heard about a few weeks ago, related to the JRE's handling of GIF images and could lead to system compromise:
The security flaws could allow an attacker to gain control of a user's system via an untrusted Java applet, which in turn could allow attackers to grant themselves permission to read and write local files or execute applications on the user's computer, according to an advisory issued by Secunia on Wednesday.
While the exploit does require some user intervention (namely, visiting a malicious site), it's still dangerous and if you are using a vulnerable version it's in your best interest to patch. If you are using JRE version 1.3.1._18, whether Windows or Linux, you are vulnerable to this particular exploit.