Link to story: http://arstechnica.com/security/2013/01/critical-java-vulnerabilies-confirmed-in-latest-version/ Summary: Security researchers have confirmed that the latest version of Oracle's Java software framework is vulnerable to Web hacks that allow attackers to install malware on end users' computers. My analysis: Well, this is the latest in a series of black eyes / punches to the gut for Oracle and Java. How do you deal with such an unmitigated disaster? I don't know - but at this point, since all the exploits involve the web browser applet plugin, I'd be tempted to announce that Java applets, at least as we know them now, will cease to exist completely in Java SE 8 - the web plugin will go away, as will all code to support it. This is just a hypothetical "nuclear" measure; but in this day and age, with HTML5 being the clear way forward, it just may be worth it.