Oracle has made addressing vulnerabilities its top priority for JDK 7. Oracle's latest update adds new security features designed to help businesses avoid being stung by critical vulnerabilities in out-of-date versions of Java. These out-of-date versions contain critical vulnerabilities.

JDK 7 Update 40 implements a new feature called Deployment Rule Set that aims to address this problem.
It allows businesses to establish a set of rules specifying which Java applets and Java Web Start applications are allowed to run on client PCs.

The aim is to block the so called "drive-by" infections. JDK 7 Update 40 brings several other new features and improvements, including Retina Display support for OS X, advanced monitoring and diagnostic tools for developers, new security warnings for unsigned and self-signed applications, and restrictions on use of certificates with keys less than 1024 bits in length. It also includes a number of bug fixes.

The update is available HERE.