Microsoft and Oracle both released patches this week for zero-day exploits found in Internet Explorer 8 and Java. If you still use Internet Explorer 8 or below, you should probably download the fix available via Windows Update. As for Java, you should probably still keep that disabled.
Krebs on Security reports that a hacker has already found a hole in the Java fix that Oracle uploaded this week. This particular hacker relayed the news to others on a private Web forum, and began looking for buyers
read more.......http://www.webpronews.com/java-patch-didnt-fix-everything-new-exploit-on-sale-for-5000-2013-01