rel notes for Java SE 7 u 11: http://www.oracle.com/technetwork/java/javase/7u11-relnotes-1896856.html
D/l link: http://www.oracle.com/technetwork/java/javase/downloads/index.html
Oracle Security Alert for CVE-2013-0422 http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html
"The fixes in this Alert include a change to the default Java Security Level setting from "Medium" to "High". With the "High" setting, the user is always prompted before any unsigned Java applet or Java Web Start application is run.
These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password. To be successfully exploited, an unsuspecting user running an affected release in a browser will need to visit a malicious web page that leverages these vulnerabilities. Successful exploits can impact the availability, integrity, and confidentiality of the user's system."
Dunno if this fully patches the zero-day or not, waiting for the BC "cavalry"
Edited by Union_Thug, 13 January 2013 - 11:05 PM.