scary java 0-day vulnerability :(

https://krebsonsecurity.com/2012/08/attackers-pounce-on-zero-day-java-exploit/


here is how to work around it:
http://krebsonsecurity.com/how-to-unplug-java-from-the-browser/
http://www.infoworld.com/d/security/6-ways-protect-against-the-new-actively-exploited-java-vulnerability-201174

the outbreak has started:
http://blog.fireeye.com/research/2012/08/java-zero-day-first-outbreak.html

kaspersky:
http://www.securelist.com/en/blog/208193822/The_Current_Web_Delivered_Java_0day