In a blog about the "unscheduled" update, Oracle says it has changed Java's default security settings to "high" which it says means users will be notified of any extra applications which start running while they are browsing.

BBC: Java still contains security flaws, experts claim