Does java security flaw affects ubuntu also?
From here they said it was reported as CVE-2012-4681 for Oracle Java 7 Update 6, and possibly other versions ,
It seems that it has not been reported or accounted for Ubuntu yet but can be seen reported for Debian as here for packages openjdk-6 and openjdk-7 , so i guess it applies here too.
If i am guessing it right ,same version exists for Ubuntu here
So please disable it , to be assured for safer side .
Edit (1-9-2012) It is now addressed by Ubuntu Security team as can be seen here . Security update for the package will soon be provided ,i guess.
Icetea-Web package includes the Plugin , which seems to have not being affected as here.
You can click the Ubuntu link as above to see the packages in it .So i guess , you are safe to use it.
It seems that IcedTea plugin is safe (contrary to what is stated above), here I copy from the RedHat site (also mentioned above):
Tomas Hoger 2012-08-27 09:09:03 EDT
Code execution was confirmed with the latest Oracle and IBM Java 7 web browser plug-in. IcedTea-Web using OpenJDK7 blocks this exploit by not allowing applet to change the SecurityManager (which is allowed in Oracle and IBM Java plugin).
Java 6 is currently not known to be affected.
This is important for me since I need a Java enabled browser to download files from a US government sponsored site, Protein Data Bank (http://www.rcsb.org/pdb/home/home.do), and the IcedTea plug-in works there.
YES, you should disable it (or even remove it) for now. Note that the other answers here are out of date and assume the 'update 7' patch just released (August 30, 2012) fixed things. It did not, it is still vulnerable. It is Saturday September 1st 2012 as I type this Java 7 update 7 contains a critical bug. From the linked article:
Researchers said they've uncovered a flaw in the Java 7 update released by Oracle on Thursday that allows attackers to take complete control of end-user computers.
Instructions for how to disable the browser plugin in Firefox & Chrome are here, in this similar question. Note that Javascript and Java are not the same thing.