Apple has updated vulnerabilities in Java for Mac OS X 10.6 and 10.7 systems, some of which could allow an attacker to execute code outside of the secure Java sandbox. Vulnerabilities in Shockwave and Java are becoming an increasing security issue for businesses. Most administrators fail to update these patches outside of Windows updates.
Java for OS X Lion Update 1 - http://support.apple.com/kb/DL1421
Java for Mac OS X 10.6 Update 6 - http://support.apple.com/kb/DL1360