Oracle has released Java SE 7 Update 11, containing important security fixes. See Oracle Security Alert CVE-2013-0422
to learn more. Oracle strongly recommends that all Java SE 7 users upgrade to this release
. Read the Release Notes
for additional details about this release. Download
Java SE 7 update 11.
Because this is an out-of schedule release remediating security vulnerabilities, going forward Oracle will increment the release number for all subsequent Java 7 releases by two numbers in order to continue having CPUs as odd numbers and limited updates as even numbers. For example, the next Java CPU release, scheduled for Feb 19, 2013, the JDK 7 release version will be renamed to Java SE 7u13.
The major portion of this fix is to change the default security setting from medium to high. This means that it doesn’t automatically run unsigned applets, effectively blocking drive-by Java vulnerabilities.
At this time, if you need java for a program to run, you can install the update, but make sure you have uninstalled all prior versions first.