You can download the update from http://www.java.com/en/download/index.jsp" onclick="window.open(this.href);return false;
Updating to the latest version of Java may not be enough to make your computer safe, from US-CERT Vulnerability Note VU#886582
Mozilla have recently blocklisted the older Java Deployment Toolkit plugin, if you check your list of plugins in Firefox you may find that it has already been disabled.The installer for Java 1.6.0_20 may not correctly update all instances of the Java Deployment Toolkit plugin. In some cases, the plugin that resides in the \bin\new_plugin directory may not be updated to the fixed 6.0.200.2 version of npdeployJava1.dll. If the new_plugin directory contains npdeploytk.dll version 6.0.190.4 or earlier, then browsers that use plug-ins, such as Mozilla Firefox or Google Chrome, may still be vulnerable. To correct this situation, delete the vulnerable npdeploytk.dll from the new_plugin directory and replace it with the npdeployJava1.dll version from the bin directory.