A new, so called “zero-day” vulnerability Java Runtime Environment (JRE) version 1.7 or higher has been discovered and is being actively exploited on the Internet.
A user machine can be exposed to attack by visiting a compromised website or clicking on an email link that directs the user to such a site. Once exposed, malware or software may be downloaded to your computer and could then do anything on your machine that you have permission to do.
No patch is available from Oracle to address this issue. For more information and instructions visit WSU News at https://archive.news.wsu.edu/pages/publications.asp?Action=Detail&PublicationID=32582&TypeID=3