Java continues to be the target of choice for attackers in 2012. If Java isn’t needed, remove it, block it, etc. Consider blocking Java at the border of your enterprise and whitelisting the sites you trust that really need it. Oracle, and previously Sun, created a product that is too difficult to patch quickly and easily. The only way they can redeem the product is to patch quicker and more seamlessly – for many security-conscious people this improvement will be too little too late!
“Security researchers from Poland-based security firm Security Explorations claim to have discovered a vulnerability in the Java 7 security update released Thursday that can be exploited to escape the Java sandbox and execute arbitrary code on the underlying system.”