No doubt “unbreakable” Oracle will sort all this out real soon now… In the meantime, check the main story link below for some reasons why Java is a productive attack vector.
In a Monday story about Adobe Reader X I noted that, due to increased security vigilance on Adobe's part, PDF files were no longer the leading vehicle for software exploit-driven malware. That dishonor belongs to Sun's Oracle's Java.
Others took notice of the same phenomenon. A blog entry from Microsoft's Malware Protection Center includes a graph that shows the extent of it: PDF exploits are flat, probably declining, and Java exploits are skyrocketing.