Although the exploits now circulating in the wild have been aimed only at Windows users, it's possible that Macs could also be targeted.

"What is more worrisome is the potential for this to be used by other malware developers in the near future," said Intego, a Mac-specific antivirus vendor, in a post to its Monday. "Java applets have been part of the installation process for almost every malware attack on OS X this year."

The largest Mac malware campaign to date also involved Java. Flashback, which exploited a Java bug that at the time had not been patched by Apple, starting in early April 2012.

Apple stopped bundling Java with OS X starting with last year's Lion, a practice it continued with Mountain Lion. Those users, however, may still have Java installed; when a browser encounters a Java applet, it asks the user for permission to download the Oracle software.

People running the older Snow Leopard (2009) and Leopard (2007) are even more vulnerable to attacks, as Java came with those operating systems.