As we expected , The Cyber criminals have added the New zero-day java exploit to the BlackHole Exploit kit.
According to a post of Paunch, the Blackhole creator, the actual java 0 day (CVE-2012-4681) is available for Blackhole owner since yesterday evening.
"ATTENTION! Added 0day Java exploit to knock for new clothes, breaking is cool ... competitors - Tightens)))" He said(translated).
The exploited vulnerability exists in all versions of Java 7, and can be used to exploit not just Windows, but also Apple OS X and Linux systems
As there is no patch from Oracle, the only solution to protect you from this attack is disabling the Java.
Update: The exploit has been included in other exploit kits includeing redkit,sakura kits.
