Saw few articles saying Oracle already knew about this flaw being possibly exploited... seems they won't patch until somebody moan about it ;)
Also the bug hunters said the out-of-band patch also flawed.....
http://securitywatch.pcmag.com/none/302218-oracle-quietly-releases-emergency-java-patch
http://reviews.cnet.com/8301-13727_7-57504640-263/new-vulnerabilities-found-in-latest-java-update/