There's a pretty bad Java exploit going around right now, and we've all got to have Java to play Minecraft. If you hit a web page that's been infected with a certain piece of invisible Java code, your computer will be infected and most anti-virus is so-so at catching it. If you're running Java 7 (1.7), you should update. Java 6 (1.6) isn't affected, and disabling you web browser's java plugin will also protect you from the attack.
Java Downloads for All Operating Systems
If anyone wants the dirty technical details, feel free to PM me, but I'm not going to bore the general populace with it.