Java hasn't exactly been the most secure product of late, but luckily Oracle is going to try and rectify that tomorrow. An update is scheduled to arrive tomorrow, April 16, to fix 39 critical vulnerabilities with the Java browser plugin, which should definitely be welcome news for computer users. In actuality, 42 bugs are being fixed, just 39 of them are listed as critical due to their abilitiy to be "remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password." Oracle didn't specify which bugs are being patched, but Polish company Security Exploration has a running list of Java bugs here to give you an idea of what could be fixed.
Oracle's also adding some help to let users make better decisions on which code is executed in their browsers. Various messages and warning boxes will appear to let you know if there's a potential security risk, and if you don't like the looks of it, just click cancel. Higher-risk apps will have more visible warnings, too, so you'll know exactly what's going on. Basically, when Java 7 Update 21 arrives, be sure to download it to make sure your computer is safe.
Source: Ars Technica