According to this article from F-Secure, a new vulnerability has been found in the Java Runtime Environment and is currently being integrated into several toolkits. The article is very well written, clear and to the point. If you have JRE installed but don’t need it / aren’t using it, remote it. If you do need it or are using it, at least disable the browser plug-in.
This is a vulnerability in the Java Runtime Environment so an attacker with an appropriate payload could attack Windows, Mac or Linux based machines.
At this point, there are some questions as to whether or not Google Chrome is vulnerable but it still would not be a bad idea to disable the plug-in if you have it.