Less than two days after Apple once again blocked Java 7 web plug-ins on OS X, Oracle has released an updated version of Java 7 to address certain security vulnerabilities.
The new Java 7 arrives as Update 13 and carries a version number of 1.7.0_13-b20, meeting Apple’s requirement for a minimum of 1.7.0_11-b22. Oracle has also released an updated version of Java 6, although Apple was not blocking the previous version of the plug-in.
Oracle notes that the new update contains fixes for over 50 issues and that the launch was accelerated by several weeks in order to address a vulnerability that was being exploited in the wild.
The original Critical Patch Update for Java SE – February 2013 was scheduled to be released on February 19th, but Oracle decided to accelerate the release of this Critical Patch Update because active exploitation “in the wild” of one of the vulnerabilities affecting the Java Runtime Environment (JRE) in desktop browsers, was addressed with this Critical Patch Update. […]
Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible. This Critical Patch Update contains 50 new security fixes across Java SE products.
The latest versions of all Java SE packages are available through Oracle’s support site.
(Thanks, Flemming!) by macrumors