SANS researcher Daniel Wesemann recommends Java users become more vigilant in the application of security updates to avoid threats from drive-by exploits.
This recommendation comes on the heels of Microsoft's recent report that highlighted an "unprecedented wave of Java exploiting."
"It doesn't look like the situation has improved since, and the bad guys are taking advantage. Not surprisingly, the FAQ document on 'Virus found in my Java Cache Directory' is ranked third most popular of all the issues listed on Java.com".
The infection most often occurs when users encounter a website that has been "injected with the exploit," which initiates a self-executing applet download via Java.
An illustration of the infection process is detailed in Wesemann's blog, and he recommends that, "If you haven't done so yet, hunt down and patch every incarnation of Java on the PCs that you are responsible for."
The exploit is still being proliferated despite the fact that a patch to prevent the infection has been available since July, which is evidence that users have not been as proactive about securing Java as regularly as they update Windows patches.
Automatic update settings are the best way to stay current, and will ensure critical patches are installed in a timely manner.