For a widely distributed runtime like Oracle's Java, a zero-day vulnerability (a security flaw exploited to create malware before the platform's maintainers have a chance to analyze and respond) is your basic nightmare. Millions of computers might be affected while a patch is in progress; security companies and ISPs need to coordinate to update malware definitions and block command-and-control websites. Nothing but aggravation -- and since Java can run on all varieties of operating systems, there's plenty of agita to go around.
Research shop FireEye identified a
