I installed Java version 45 on a test machine. High security setting says that one can can't run unsigned or self-signed apps on older versions of Java, and in fact it fails to run a self-signed applet.
How is this version able to detect that it is an older version? It certainly wasnt an older version when it was first deployed.
Java configuration, mainly the security baseline, gets updated as soon as you receive the new version notification, even if you choose "update later" . At that point you are executing java 7u45 but using an updated launcher, so it knows you have an older version running, and it applies the updated security checks.