Oracle hasn't had a great start to 2013. It's barely into the new year, and Apple and Mozilla are already putting up roadblocks to some Java versions after discoveries of significant browser-based exploits. The company has been quick to respond, however, and already has a patched-up version ready to go. The Java update goes one step further to minimize repeat incidents, as well -- it makes the "high" setting the default and asks permission before it launches any applet that wasn't officially signed. If you've been skittish about running a Java plugin ever since the latest exploits became public, hit the source to (potentially) calm your nerves
