For anyone using java to run PPP:
there is a security hole in the Java browser plugin, which is being actively exploited in the wild. Update your java now (go to
http://www.java.com and download a new version) and/or disable the plugin in your browser (that's going to be a different set of instructions per browser, so I'm not going to give you chapter and verse). PPP does not need or use the browser plugin, so unless you want it for other reasons, I'd recommend just nuking the blighter.
Mozilla are taking steps to blacklist the affected plugin versions, so anyone using Firefox should get notified about the hole, and have their plugin disabled (if vulnerable) in the near future, if it hasn't happened already. I believe Microsoft can take similar steps for IE, but I could be wrong about that, and I've not seen any reports about them pulling the trigger yet. No idea about chrome/safari...
To check your version, get a command prompt (press windows key and "R" together, then type "cmd" and return) then type "java -version". You want to be on 1.6.0_31 (I think) or 1.7.0_03.