Disclaimer: In this post, I'm blogging about a subject I do not entirely comprehend. I hope to encourage discussion and learn from the community as I know that there are folks smarter than me who may have already addressed this issue.

I recently read about the Oracle Java 7 Security Manager Bypass Vulnerability published by the United States Computer Emergency Readiness Team. As I understand it, vulnerabilities have been discovered which could allow a sandboxed application to promote itself in privileges to be able to access files and resources outside of the sandbox - such as accessing your files or internet communication. US-CERT Vulnerability Note VU#636312 advises disabling or removing completely the Java runtime environment so that web browsers cannot launch Java.

While I understand and am concerned about the security threat, I am also concerned about the impact of disabling or removing the Java runtime environment. In my simple tests I found that web pages and resources ceased to function fully for need of the appropriate Java runtime.

[Image: 20130112 - Java Runtime Plugin Missing.jpg]

It appears that Oracle can or will release a security update that may address at least part of this threat but questions remain: What would the impact be if Java is uninstalled altogether? How would this likely affect web use? What about the Lotus Notes Components that make use of Java?  

I am still trying to wrap my head around this and would appreciate any information that you think may help me or others who may read this post.