Oracle has updated Java with Java SE Development Kit 6, Update 44 (JDK 6u33) providing 14 security fixes, 12 of which can be remotely exploitable without authentication. Of particular note with the Oracle June Java update is the fact that Apple is also updating Java at the same time.
The importance of updating Java immediately — regardless of whether you are using Windows, Mac OS X, or Linux — cannot be overstated.
“Many of the vulnerabilities fixed in the latest Java are remote code execution, so they are very important,” Chester Wisniewski, senior security researcher at Sophos said. “Not any one stands out, but they will likely be exploited if they are not already in the wild.”
Over the last several years, Java has been one of the most exploited technologies and not just on Mac OS X. In 2011, studies from Cisco and Qualys both independently identified Java as the most vulnerable browser plug-in.
The latest Java updates are currently freely downloadable from Oracle.