IDG Answers is a community of experts who are passionate about technology. Ask a question or answer one below.
Java is a big issue, in my opinion. Browser plug-ins are one of the favorite avenues for cyberattacks, and have been for a long time. Fortunately, both Chrome and Firefox block out of date plug-ins, which definitely helps matters, at least with those two browsers. Of all plug-ins, Java is most often used for exploits, in my experience. Fortunately, there is a good way to minimize the risks of Java: remove Java completely. There is almost no need for it, and most users will never even miss it. If you use Chrome, you can use sandboxing to run Java in a secondary browser if you absolutely have to run it.
BTW, apparently we aren't the only ones concerned about the vulnerabilities created by Java. Mozilla is considering blocking the Java plug-in to help stop SSL attacks.It will be interesting to see if they follow through, and if so, whether there is a reaction from Firefox users.