Even Oracle's "high" security mode can't mitigate latest exploits.
From ArsTechnica:
From ArsTechnica:
For the second time in a month, Apple has effectively blacklisted the current version of the Java Web plugin on OS X. The block comes just days after it was discovered that the latest version of the plugin, which had been rushed out to patch a critical vulnerability, can still be exploited despite its heightened security mechanisms.For second time in a month, Apple blacklists Java Web plugin
Apple has worked to distance itself from Java in recent years. The company deprecated its own version of the Java virtual machine for OS X, instead deferring development to Oracle itself. The browser plugin in particular has become a common vector for malware attacks, and Apple removed the Java Web plugin from recent versions of OS X last year. Those needing the plugin must install it separately.