Apple and Oracle have each released Java updates. The recent update patches some major security holes, one of which was already being used to attack computers.
The exploit allowed for malicious software to be installed on a user’s computer.
Here are the release notes:
This Security Alert addresses security issues CVE-2013-1493 (US-CERT VU#688246) and another vulnerability affecting Java running in web browsers. Due to the severity of these vulnerabilities, and the reported exploitation of CVE-2013-1493 “in the wild,” Oracle strongly recommends that customers apply the updates provided by this Security Alert as soon as possible.
The update is available here.