In the wake of the recent discovery of a zero-day vulnerability in Java (version 7u10), Oracle came out with a quick patch that applies to the applets running inside the web browser.It consists in elevating the security level for Java applets and web start applications from “Medium” to “High.” This modification results in warnings being emitted whenever an unsigned applet or Java Web Start application tries to run, any attempt of silent exploitation being thus brought to the user’s attention.
Keep in mind that this update does not apply to standalone Java applications or server-side installations.
Versions earlier than Java 7 Update 10 are susceptible to remote execution of arbitrary code by an unauthenticated attacker.
The current patch addresses JDK and JRE 7 Update 10 and earlier and includes all the fixes from previous critical patch updates and security alerts.
Download the latest Java JRE update