I would presume that for anyone to be able to use the exploit, you'd have to visit a malicious site to begin with, for them to get access to java and run their code to infect you. Seems a bit of an overreaction to me, sure it's a problem, and should be fixed, but alot of sites use Java, and as long as your not visiting stupid/virus ridden websites, I can't see it causing any problems.