Java applets are little programs that run on your computer, inside
web work the way it does. Most modern web sites, including this one,
use things like that. And the reason Java applets are generally safe
is that they can't go outside the "sandbox" of the Java Virtual
Machine (JVM) - they can only do limited things. An applet can ask for
permission to, say, read your hard drive, when it loads - at which
point your browser will pop up a big "This applet wants permission to
go hog-wild and do whatever it wants - do you really, really trust
it?" box. And you can say NO to that.
The security problem is that someone found a way to let an applet go
hog-wild on your computer without your permission. It's not news
because things going hog-wild on computers is news - any of the many
thousands of viruses for Windows do that. It is news because Java's
record on security has been very good, making this a nasty surprise.
A fix has been released and can be downloaded from Oracle.
Infos @ http://timboudreau.com/blog/read/The_Java_Security_Exploit_in_%28Mostly%29_Plain_English
Magno A. Cavalcante
JUG Leader @ http://RioJUG.org