Apple updates Java
Following another recent security issue with Java, Apple issued an update that added the latest versions to the system’s browser plug-in blacklist to protect users from any potential threats; however, in doing so it silently blocked a number of people from accessing required Java content, such as banking and financial Web sites.
To manage this problem, if you need Java, then the latest version from Oracle (version 1.7.0_13) that was released yesterday should have addressed the security holes and get your system back up and running. You can download it for OS X Lion or Mountain Lion from Oracle at its Java Downloads page.
Unfortunately the Java 7 runtime is not available for those using Snow Leopard, for which the latest version is Java 6. However, Apple has issued its own separate update to Java 6 for Snow Leopard to address the vulnerabilities in this version. The update, which should be available through its Software Update service, should run automatically or can be invoked by going to the Apple menu.
Given the stream of recent security issues with Java, if you don’t need Java, then you might consider avoiding using it on your system, or at least be sure to disable the Web plug-in for it. While Java is a powerful and useful runtime that a number of programs use, the avenue for exploiting it is almost exclusively through the Web plug-in component of the runtime, so if you find you do need it installed, then you might at least consider disabling the plug-in in the Java Control Panel (or in Apple’s Java Preferences utility for Java SE 6).[source:cnet]