Here is a link to the USA Homeland Security site explaining a vulnerability of JAVA. http://www.us-cert.gov/cas/techalerts/TA13-010A.html The "emergency" update Oracle distributed last night is apparently not enough to protect you. So, DHS is suggesting that JAVA be disabled.