Oh Great, Yet Another Java Zero-Day Exploit
"There appear to be multiple ad networks redirecting to Blackhole sites, amplifying the mass exploitation problem. We have seen ads from legitimate sites, especially in the UK, Brazil, and Russia, redirecting to domains hosting the current Blackhole implementation delivering the Java zero-day. These sites include weather sites, news sites, and of course, adult sites," security firm Kaspersky warned in a blog post.
A heat map of the widespread distribution of the Java exploit. Source: Kaspersky
After doing a bit of digging, Kaspersky discovered that the new zero-day exploit is not only bundled in the more prevalent exploit kits (yes, such things exist) like Blackhole, Nuclear, and Red Kit, but is also in the hands of Metasploit developers.
"Perhaps it is interesting that the first known victim system executing the exploit retrieved the malcode with a Firefox browser, demonstrating the robustness of Java exploits," Kaspersky added. "Also, in December 2012, the zero-day was used to distribute TDSS and ZeroAccess malware."
Oracle hasn't yet addressed the exploit with a security update, so it's up to you to take proper precautions, which include disabling Java browser plug-ins and desktop Java apps.