Java Runtime Environment 7 Update 45 released. This one is critical!
Time for another update.
Java SE 7 Update 45 (expires 14th February 2014)
Download (Windows: 32-bit, 64-bit / OS X: 64-bit) / Release Notes
October 2013 Critical Patch Update Released 50 of the Java SE vulnerabilities fixed in this Critical patch Update are remotely exploitable without authentication
. The maximum CVSS Base Score for these Java SE vulnerabilities is 10.0, which denotes a complete takeover of the targeted system (down to the operating system) in instances where Java executes with administrative privileges (i.e. system privileges). Out of these 51 Java vulnerabilities, only 8 are applicable to client and server deployments of Java. 40 apply to client deployment of Java, including one which is only exploitable during Java client deployment. One of the vulnerabilities applies to the JHat developer tool. The last 2 vulnerabilities apply to sites that run the Javadoc tool as a service. For more information about these Java vulnerabilities, see the security matrix for Java SE located on the Critical Patch Update Advisory. (Source