It seems that Oracle is at least working harder to plug security holes a little quicker than before as the programming language continues to cause headaches for the security world.
This latest critical patch addresses 50 security issues (44 of them come from the browser plugin) was released to the public on Friday (Feb 1st, 2013).
At this stage however even with the updates applied I recommend that you only have Java installed if you absolutely need it and make sure that the browser plugin is disabled or removed.
The big deal with Java is that it is a cross platform environment meaning that the same program written for a mac will also run on a PC without need for modification. This makes it a popular tool of choice for the bad hackers out there especially since Java goes beyond the PC and mac to other platforms like Blu-ray players, stereos, phones to name a few.
*Credit to a listener of Security Now with Steve Gibson.