Lately Java has been getting a bit of bad press, thanks to several consecutive security holes that have been exploited by malware developers. One notable occurrence was the Flashback malware threat that affected a number of OS X users, which (though due in part to Apple's negligence about Java upkeep) was rooted in the Java runtime. More recently, Java 7 has seen a new zero-day vulnerability that has been circulating in exploit kits.
In response to these threats, many in the tech community have recommended that people uninstall Java altogether. However, this can be impractical for some, as many people need Java to run applications, including Web apps and a number of technical and creative development tools.
When it comes to the security of your system, uninstalling Java completely is certainly one way to avoid problems arising from it, but it is a bit of an extreme measure. So, how do you secure your system while keeping a potentially faulty runtime installed?
There are two aspects to Oracle's Java installation. The first is the runtime itself, which consists of the libraries and execution environment that allow your system to execute Java programs. The second component of the installation is the Web plug-in, which interfaces these libraries with the browser to allow hosted Web applets to run.