The April 16th, 2013 Critical Patch Update for Java SE (7u21) will change the launch behavior of Java Applets and Web Start Applications. Users will be presented with one or more dialogs that provide additional information, and they can then choose to continue or terminate execution.
In order to have the best possible user experience, your Applets and Web Start Applications must be signed. More information related to this can be found at the link above.
IMHO a useful automatic updater for Java would be much more helpful than those Java plug-in changes. Updating Java on Windows is a hassle even for experienced users (e.g. because you have to uncheck boxes to make sure you don’t get unwanted software from Ask.com) and many users seem to be on outdated versions (see e.g. http://community.websense.com/blogs/securitylabs/archive/2013/03/25/how-are-java-attacks-getting-through.aspx).
Microsoft (via Windows Update) and Google (for Chrome) can provide automatic updates that don’t annoy users. Why can’t Oracle do the same? Separate patches can still be provided for businesses.
I assume there’s a contract with Ask.com; is that really worth enough to justify annoying users at every update? Oracle knows that people don’t want that kind of software: they’re not bundling it with the JDKs.
There is already an auto-updater for the Oracle JRE; I believe you are referring to a silent updater. It’s definitely a good feature request. BTW – given the reasonableness of your comments, choosing to hide your identity is unfortunate. It always helps us when we can directly attribute feedback like this.
If it helps, I second that. Oracle should really look into the user experience of updating the JRE, on all platforms. It is a clear example of how bad usability results in security problems.