A serious Java vulnerability was made public earlier this week, which is being actively exploited by attackers. Oracle released an update that fixed this vulnerability today, so we are now moving ahead to encourage all users to move to this new version.
We have enabled an update notification that will show up every time a user visits a site with a Java applet using a vulnerable Java plugin. The notification points to our Plugin Check page, which should assist users in getting Java up to date.
This block will be initially applied to Windows users and Linux users who have the Oracle version of the Java RE, but we expect to extend it to Mac OS X (where the majority of users are unaffected) and the IcedTea plugin on Linux.
You can check if your Java plugin is out of date on the Plugin Check page.