Java Release 7 Update 11 (released January 13, 2013) fixes this issue.
More info here.
” The latest Java version, Java 7 Update 10 contains a critical security vulnerability which is reportedly already being used for large scale cyberattacks. Users who have Java installed on their computers should deactivate the Java plugin in their browsers without delay. …”
Source: The H Security: News and Features
More Dangerous vulnerability in latest Java version