You're 100% correct that a reasonable amount of effort is needed to test a patch that is going to be deployed to users and enterprise systems.

But here we have a known exploit, and Oracle with their huge pool of resources cannot manage to release patch for it before Feb 2013? You can believe that they don't have the resources to test the patch in a shorter time frame or even create a better one? I seriously doubt that it takes Oracle months to regression test a single patch.

The bottom line is that Oracle are the owners of Java, and they can't patch it in a timely fashion.

Companies and people running Java applications are OK with this?

I was once a huge fan of Java and in all seriousness, this is one of the exact reasons that I don't touch Java anymore. I don't even look at MS stuff either for similar reasons.

I hope all cars sound like they used to on The Jetsons.

You can roll back to an earlier version without too much trouble. OK, harder than it should be, but it wasn't what I would call hard.

I didn't run into any "conflicts".

I wrote about it here http://scottbarr.blogspot.com/2010/07/rolling-back-iphone-ios4-to-iphone-ios3.html

I would consider it more of a reach around.

Yes, I also heard about the 1000-blade project getting cut...

"Write once, exploit everywhere"

Well, someone had to say it.