Here is some background information about the latest Java 7 exploit* of vulnerability CVE-2013-0422, and the Java 7 Update 11 that patches it. The article also addresses potential issues with the (unrelated) JavaScript and suggests a 'best practice' approach.
