Some experts recommend virtualization as a workaround for businesses that need to use those Java-based services. Installing it in a virtual machine keeps it at arm's length from critical systems. The home user, especially one focused on Facebook and the Web, may be able to dispense with Java altogether.
Fans of HTML 5 point to this alternative to delivering the multimedia functions that Java enabled earlier in the Web's development. It is a focus of both Adobe development and AT&T's work, and appears to be gaining momentum this year, although it targets Flash more than Java.
The question of whether to keep Java comes down to "your risk profile, and how critical that system is," says Team Cymru's Santorelli. "If the consequences of a compromise would be catastrophic," uninstall Java.
Andrew Brandt is a freelance writer and security expert.