Security researchers have recently found a vulnerability in Java that can allow an attacker to take over your computer without your consent. Unless you have a mission critical use for Java, it is recommended that you disable Java in your browser or uninstall it completely from your computer.
A Zero-Day vulnerability means that even with a fully updated computer, you can still be infected, because vulnerability has not been patched. In this particular example, Java version 7 update 10 is the latest version. I’ve read that Java version 7 update 11 will fix this new vulnerability, but it has not as of this writing been released. Even when it is released, there are still many more known vulnerabilities in Java that make another Zero-Day attack likely just around the corner.
So, as of right now, my recommendation is to disable Java in your browser, or uninstall it completely.