As with much else on the security front, inherently vulnerable and/or poorly maintained technologies (of which Java is increasingly appearing to be both) are often required for legacy business purposes. Specific in-house, or worse, business-partner (buyer / seller / government) apps which are required for operations, one-offs, and often, are difficult to replace.
For the run-of-the-mill user to disable and/or remove browser Java support probably is a no-brainer now. Business users may have other needs, and worse, may not have the administrative rights to modify their configurations.
The rest of us can engage in some self-satisfying "I told you so". After we confirm we've disabled the crud ourselves.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds