I guess ORCL got off the schneid and patched Java in order to fix whatever was ailing it, such that HLS/CERT wanted us to disable it.
When it updated on the two different Windows installations on computers in Chez Blogmeister, one desktop box, one laptop, during the update process, it wanted to shove crapware on my system by default, one wanted to give you the Ask.com browser toolbar, and the other wanted to run a McAfee “security scan.” If you blew by that step, you would have gotten whatever it was offering. But ORCL has been doing this with Java installations and updates for awhile. Which makes me think maybe the problem with Java isn’t Java, but the third party crapware they slyly cram down our throats. Most people won’t uncheck the check boxes that are checked in by default, because they figure they won’t get the Java, or because “security scans are good,” because McAfee is rock solid (even though someone named McAfee is currently facing a murder rap.)