This isn't that surprising really. Microsoft's focus on security 10 or so years ago has paid off and its hard to find flaws in their OS now. The next most common platform is probably the JVM so its the new attack vector.<p>I would imagine we are going to see more and more of these exploits unless Oracle takes the same approach that Microsoft took, and even then it will be years before the benefits are felt.
Another browser plugin hole? Yawn. It's disabled in Firefox and Chrome anyway. Let them disable it for good and enable by exception.<p>Who uses Java in browser anyway? WebEx and some weird VPN solutions?
It almost sounds like Oracle managed to shoo away all good folks from the JVM team and all they are left with is a bunch of B players. I dont remember it being this bad.