There is one specific step that everyone can take to eliminate approx 90-95%+ of drive-by-zero-day-exploits without really impacting your web browsing habits that much:<p>Disable Plugins on your primary browser.<p>Whether that be Opera/Safari/IE/Firefox - just disable the plugins. Then, all of these Java 0days, PDF 0days, Flash 0days won't impact you.<p>Keep a backup browser, that is <i>not</i> your primary, and use that for your SSL VPN (frequently Java), or Crappy Enterprise Apps like timesheets and Remedy (frequently Flash).<p>Yes, browsers have 0days as well, but they occur much less frequently (approximately 1/10th) than plugin vulnerabilities, and get repaired much more quickly.<p>For the really security conscious, of course, browsing from a separated/virtualized thin-client is even better, particularly if you can live with the hassle of refreshing your cookies every so often after a reset.
This happened last month, so it was 0-day THEN, not NOW.<p>The hole in question was patched in the February 1st Java release. Plus, with the way the Java plugin works now (and how most browsers handle Java now), even if there are still holes remaining in Java, the user will have to click through at least one, probably two warnings before they can run the dangerous applet.<p>So far the latest fixes (in browsers and in Java) seem to have been effective.