There’s two pieces of software that are guaranteed to make your system less than secure. One is Adobe Flash. The other is Oracle Java. Given that I talk about Flash insecurity frequently, it’s almost a refreshing to talk about Java insecurity.
Oracle is urging Java users to upgrade to the latest version which is available here (or via their software update mechanism) to stop a very nasty bug in the desktop and browser plug-in versions of the software. The bug in question allows attackers to “impact the availability, integrity, and confidentiality of the user’s system.” That means that an attacker can get into your system at will. Worse still, an attacker can do that remotely, without authentication.
Now if you want my advice, I say dump Java. While you’re at it you should dump Flash too. By doing so, you can safely ignore these security alerts and just use your computer in confidence.