Looks like Java is STILL vulnerable / broken
I did not post on the recent Java vulnerability because the fixes came out so quickly, however, it looks like I relaxed too soon.
Apparently there was a second vulnerability that did not get fixed. At this point, you should probably just disable Java in your browser. Gizmodo has a short article on how to do that for the various browsers.
Very few websites actually require Java any more. If you absolutely need to visit one of them, I suggest enabling Java on just one of your browsers and using that browser exclusively for visiting that trusted site with Java.