Oracle announced the release of Java 6 Update 22, which contains fixes for at least 29 security vulnerabilities. It can be installed through the Java program updater. Watch out for bundled software: in my case I had to deselect a 30-day trial for Carbonite.