Java is problematic these days. In fact, in my recommendation, you should disable or even remove Java from your computer. PC World says that a new exploit is selling on the black market for $5000. And while Oracle says that Java is fixed, Homeland Security says it's still risky.
Personally, I don't think the benefits outweigh the possible risks. Only one of my websites uses Java, and we are working on a replacement for it right now. And I don't visit many (any, I think) sites that use Java in a primary fashion. So I have removed Java from my computers. I think it's the safest thing for me to do.
Do the websites you build use Java? What do you think about the security risks, do they worry you? Have you changed your websites because of them? Please leave your feedback in the comments.