Oracle has released Java 7 Update 13 to address several vulnerabilities.
Couple of days back, Apple had remotely blocked the Java 7 browser plug-in for the second time due to security vulnerabilities.
Apple had disabled the Java plugin remotely by updating the blacklist information to require machines to be running an as-yet unreleased 1.7.0_11-b22 version of Java 7. Since the publicly available version of Java 7 was 1.7.0_11-b21 at that time, all systems running Java 7 failed the check, thus disabling the plug-in.
Now that the new Java 7 Update 13 carries version number 1.7.0_13-b20, the web browser plugin should be reenabled again as it meets Apple’s minimum required of version number of 1.7.0_11-b22.
According to the release note, Java 7 Update 13 contains 50 new security fixes across Java SE products.
The original Critical Patch Update for Java SE – February 2013 was scheduled to be released on February 19th, but Oracle decided to accelerate the release of this Critical Patch Update because active exploitation “in the wild” of one of the vulnerabilities affecting the Java Runtime Environment (JRE) in desktop browsers, was addressed with this Critical Patch Update.
Java 7 Update 13 also seems to have fixed the issue where the browser add-on wasn’t getting registered in browsers like Firefox.
You can download the latest version from this link.
Via: MacRumors, Oracle