Serious Java 1.7.x Vulnerability
January 16, 2013
A serious vulnerability has been found in Java 1.7, which allows execution of arbitrary code on the victim's computer. All that is necessary for exploitation to occur is to inadvertently visit a malicious website using a browser with Java 1.7.x enabled.
Oracle has released a new update to address this security issue, Java 1.7 Update 11. While we urge you to apply this update immediately, we also recommend leaving Java disabled unless you are intentionally using a site where it is required. Instructions for disabling Java can be found here or here.
Note that IMSS Managed Computing workstations are not running Java 1.7 and are not affected by this vulnerability, however we continue to recommend leaving Java disabled unless it is required.