Have you ever worked in an enterprise environment? Java is widespread, because it is cross-platform. You only have to right software once, and it will work on Mac, Windows, mobile phone, an ATM, whatever. That's part of the reason people try to compromise it so often.
Unless Oracle somehow self-destructs, Java isn't going away anytime soon. Heck, even CrashPlan Pro (the supposed gold standard in Mac backup that Apple uses on 27,000 of its campus computers) uses a Java client to run. That's right - read it: Apple uses Java on nearly every desktop computer on their campus.
No, Java isn't going away. I don't think that Java itself is the problem, but rather the "sandbox" that can be broken-out-of on client operating systems. These systems don't get the latest patches when they need it most. I have relatives who don't know what Java is, who don't know how to disable it even if they do, and certainly don't give half a care if some software they can't identify is kept up-to-date.
I also suspect that Apple have a vested interest in preventing Macs from joining the millions of Windows PCs the world over that are unknowing members of criminal botnets. Maybe a point of pride.
This stream of issues isn't necessarily about these standalone apps. It is rather more focused upon
applets that run
within a Web browser. CrashPlan isn't (at least to my knowledge?) built as a browser applet. Even if it were to suffer technically from the same vulnerability, it might not be nearly as practical to exploit it.
When Java is enabled in the Web browser, that browser becomes a potential "open window" on to the operating system for anyone able to exploit such a vulnerability.
The "problem," as I see it, is applets, not Java standalone apps.
Organizations that require Java to be enabled in the
browser are helping to keep this issue alive since going through the browser seems an increasingly-common central attack vector.
If Java simply didn't exist in the browserif Applets were dead for goodpeople with apps that have Java dependencies (CyberDuck, CrashPlan, etc.) might not get locked out as often once something like this comes to light, as the level of risk, I feel, would likely be lower.