According to Google's Security research team, a fairly serious flaw has been discovered in the Sun Java Runtime Environment. The flaw is so severe, they say, that it affects the security of any platform that uses it, including browsers and mobile devices:
"It's a pretty significant weakness, which will have a considerable impact if the exploit codes come to fruition quickly. It could affect a lot of organizations and users," Gatford told ZDNet Australia.
They aren't detailing what the specific flaw is, but they did say that anyone using Sun's JDK or JRE is potentially at risk. They also say that on a per-business level, it would be a difficult flaw to patch, so likely the real solution for it will have to come from Sun.
The scope of the treat also isn't detailed, though I'd certainly like to hear more about this. Hopefully soon they will release more information on what exactly the issue with Java is.