For anyone who is in any doubt, security experts are spelling it out in black and white.
The advice from the CERT (Computer Emergency Response Team) at the Carnegie Mellon University Software Engineering Institute (who are sponsored by the Department of Homeland Security) is loud and clear – you should only be running Java in your browser if it’s absolutely necessary.
“Unless it is absolutely necessary to run Java in web browsers, disable it… even after updating to 7u11. This will help mitigate other Java vulnerabilities that may be discovered in the future.”
You will see similar advice in the advisory posted on the official DHS US-CERT website…
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.