Stupid Java Question

My apologies for this question but I've been on the road this week and that always limits my time to read the news. I've read about the Java vulnerability but what I don't understand is that if this is such a big deal why hasn't Oracle issued a new version that resolves the issue? I'm sure I've missed it but I'm very interested in the answer.