Threat Research & Response Blog
If you’re running Java SE 6, we have some news for you: Oracle stopped providing public updates to it after February 2013.
Enterprise customers will still have access to long term help through their support channels.
For everyone else, you should upgrade to Java SE 7 and remove Java SE 6 - remember Java doesn’t remove older versions by default.
Malware exploiting vulnerabilities in Java isn’t new. We’ve written about Java vulnerabilities on this blog before. In fact, since July this year Exploit:Java/CVE-2013-2465 has been making the rounds and targeting Java SE 6.
Oracle has done a great job of releasing Java updates to patch these vulnerabilities.
However, Java SE 6 is about seven years old, and Java SE 7 was released more than two years ago. This means it’s time to think about alternatives for the aging version.
While we’re talking about end-of-support software - technical assistance for Windows XP will no longer be available from April 8, 2014.
This includes the updates that help protect your PC against security risks and malware. It’s a good time to think about installing Windows 8 on your PC.
And you forgot Office 2003 support also dies in April 2014.
I had Java on my home system. But removed it and I have no need to put it back. Seems I never really needed it. So unless something requires it, don't install.