Safari 6.0.4 was released allowing users to set the Java plug-in preferences on a site-by-site basis. Though this gives users more control over which sites are allowed to use Java or not, the feature has yet to prove itself. While we recommend installing the latest Safari update, we also recommend to keep Java disabled for now until this feature has been put through it’s paces. Once installed open the Safari Preferences > Security and make sure the “Allow Java” checkbox is unchecked.
Run Software Update on your Mac to see this download. More info on the new Java controls here.
Java itself was updated as well, both through Apple and Oracle. Run Software Update and install the Java for OS X 2013-003 1.0 update or get it directly from the apple website. This update is recommended for all users as it updates a slew of vulnerabilities and disables Java for users who have no need for it. Additionally, if you have the latest version of Java installed through Oracle, go to your System Preferences > Java and install the available update there as well by using the “Update Now” button. This will update your Java 7 to version 21.
Ensure these updates are installed on all your computers as soon as possible. As mentioned before, now that the list of fixes and vulnerability patches is available, hackers know what to look for in systems that have not yet been updated.
For the latest version of Java directly from Oracle (both Mac and PC): go here.
For the available Mac OS updates, run Software Update from your Apple menu.