We want to pass on some advice that F-Secure Labs has been sharing for a while: “Do you need Java in your web browser? Seriously, do you? If not, get rid of it.”
Sean Sullivan, F-Secure’s Security Advisor, explains why: “The problem isn’t a particular vulnerability; it’s that Java always has the latest, most popular vulnerability to exploit.”
So if you don’t need it, get rid of it. If you need it later, you can always install it later.
If you don’t want to remove it or need to it to run a specific application, you need to make sure it is always updated.