Oracle has released an official fix for the Java security flaw that was recently reported by the Computer Emergency Readiness Team late last week. Shortly after it was flagged by CERT, Apple disabled the Java plug-in on all Macs running OS X 10.6 or later by amending the XProtect malware/minimum versions file. Users who are interested in re-enabling a secure, working version of Java can download the update from Javaís website.
The update is of course recommended for users on all operating systems including Windows and Linux. Of course, if you donít need to be running a Java VM for a specific, your best is to not have it installed in the first place. Many people have suggested to simply leave Java disabled for browser access most of the time and only turn it on when specifically required to do so, which makes sense.
From its update release notes, Oracle states the following:
Due to the severity of these vulnerabilities, the public disclosure of technical details and the reported exploitation of CVE-2013-0422 'in the wild,' Oracle strongly recommends that customers apply the updates provided by this Security Alert as soon as possible.
Source: Oracle (A special Thank You to Nicholas Lester for sending this in)