Microsoft warns of major increase in Java based attacks

Java is indeed one of the attackers primary conduits for malware these days.  In the 1st link below, the chart is worth looking at, as the exponential growth shown is alarming.  I thought the PDF dangers might be high, but web/email based attacks are off the charts.  As Java works behind the scenes it may not be as visible to users, as well as the need for it to be updated. Always carefully update Java as prompted to ensure your PC is adequately protected.

Microsoft warns of major increase in Java based attacks
http://blogs.technet.com/b/mmpc/archive/2010/10/18/have-you-checked-the-java.aspx
http://krebsonsecurity.com/2010/10/microsoft-a-tidal-wave-of-java-exploitation/

QUOTE: What I discovered was that some of our exploit "malware" families were telling a scary story - an unprecedented wave of Java exploitation.  In fact, by the beginning of this year, the number of Java exploits (and by that I mean attacks on vulnerable Java code, not attacks using JavaScript) had well surpassed the total number of Adobe-related exploits we monitored.

Java is ubiquitous, and, as was once true with browsers and document readers like Adobe Acrobat, people don't think to update it.  On top of that, Java is a technology that runs in the background to make more visible components work.  How do you know if you have Java installed or if it's running?

Java ships with a built-in updater that by default checks for updates on the 14th day of every month. However, this may not be frequent enough to keep users caught up with the latest version.