My Mac security friend Topher Kessler has posted a great article at MacFixIt with some tips about keeping your computer safe from the ongoing Java lunacy.
With the latest security holes coming to light, many are recommending removing Java entirely from your system. If you don't want to go that far, here are some things you can do.
Lately Java has been getting a bit of bad press, thanks to several consecutive security holes that have been exploited by malware developers. One notable occurrence was the Flashback malware threat that affected a number of OS X users, which (though due in part to Apple's negligence about Java upkeep) was rooted in the Java runtime. More recently, Java 7 has seen a new zero-day vulnerability that has been circulating in exploit kits.
In response to these threats, many in the tech community have recommended that people uninstall Java altogether. However, this can be impractical for some, as many people need Java to run applications, including Web apps and a number of technical and creative development tools. . . .
NEW: As you'll see in my added comment below (read for details), the ClickToPlugin add-on for Safari is NOT adequate for blocking Java applets from running in the browser.
Therefore, I cannot recommend bothering with ClickToPlugin for blocking Java. So it's back to the mantra:
Just Turn Java Off