My advice for preventing vulnerability to the latest proof-of-concept attack vector utilizing Java:

[It’s] pretty simple:

1. Turn off ‘Open “safe” files after downloading’ in Safari -> Preferences -> General
2. Turn off Java in Safari -> Preferences -> Security and any other browsers you use

Step 1 should be one of the first things you do upon setting up your Mac anyway. Read the longer explanation, if you like.