Macworld has a good article discussing the security threats to those of us running OSX from Java and what you can do about it. Java security threats: What you need to know

If you have Mac OSX 10.6, 10.7, or 10.8 the very latest OpenJDK builds may be downloaded from here: https://code.google.com/p/openjdk-osx-build/