Mozilla Software → Re: All versions of the Java plugin are blocked

Except:

Oracle updates Java, security expert says it still has bugs... | Stuff.co.nz
»www.stuff.co.nz/technolo ··· s-expert

Last updated 12:18 14/01/2013
...

Java security expert Adam Gowdiak, who has discovered several bugs in the software over the past year, said that the update from Oracle leaves unfixed several critical security flaws.

"We don't dare to tell users that it's safe to enable Java again," said Gowdiak, a researcher with Poland's Security Explorations.

An Oracle spokeswoman declined to comment on Gowdiak's analysis.

I got to wonder how many critical security flaws remain in Flash as well since Java is getting all the attention.

AdBlock Plus with NoScript are your friends here. I have scripting (and Java) blocked everywhere and only enable it on an as-needed basis. With ads blocked I rarely need Flash or scripting.

Sure, it's a bit of a PITA, but it's safer. And since I don't run as Admin anyway, that makes me safer yet.