According to security analyst Wade Williamson, organizations need to realize that Java will continue to pose a significant risk. “The first step is for an organization to understand precisely where and why Java is needed,” Williamson wrote. “Based on the rate of newly discovered vulnerabilities, security teams should assume that Java is and will continue to be vulnerable.”
Organizations should to take a long, hard look at Java and answer for themselves if it’s worth it, Williamson added. Due to the threat posed by a successful attack, Oracle is strongly recommending that organizations apply the security fixes as soon as possible."
Link to Original Source