Disabling Java to install applets from untrusted sources should be enough. A Zero-day attack is a hack to a previously unknown app vulnerability, meaning it causes the damage the first day its found.Did The NSA Continue To Stay Silent On Zero-Day Vulnerabilities
Even if the bug is protected by proper security procedures, the experts warn the vulnerability could be around for awhile. The current version of the Java application has been the source of big security breaches in the past year.Zero day deals
Like other Java bugs, todays zero-day bug is aimed at duping users to visit a website filled with malicious code. When the user visits that website, the infected applet downloads itself onto the clean computer.Zero day deals
While the latest Java update, Java 7, has seen stable performance, security personnel have warned it is vulnerable to numerable exploits over the last year. Oracle has consistently updated critical patches to fix security bugs, with the last update two months ago fixing 14 dangerous vulnerabilities.Zero day deals
UPDATE : Weve been notified that Mac users are only at-risk of the bug if they install the new Oracle 1.7 build. So most Mac users should be safe. Thanks to @miketrose.
According to several U.S. security agencies, a hack burrowing dangerously around the web through browser-based Java software has already hit Windows and is a serious danger to Mountain Lion OS X.
In order to protect yourself immediately, security businesses and anti-virus developers recommend disabling all of your Java plug-ins and erasing Java 7 from your computer. However, that might be a bit of overkill.
The bug was activated by the security programmers through the Metasploit code in Firefox and Safari browsers, as well as in Microsoft Explorer. So far, the bug has only appeared in Microsoft Windows systems but the experts say its a matter of time before it is found in Apple computers.