Java dot anything is slow and buggy anyway. Thats why I disable it by default on all websites.
I dont like waiting minutes for something that should take under 2 nanoseconds to happen.
The only time I turn it on is to satisfy websites written by major companies, such as the bank.
Anything Java -anything- can do, plain olde fashioned HTML can do faster and better.
I was over even running any software to be run locally as software on my PC that involved anything with the J word in it. It would screw up graphics, it would freeze, and take forever to do anything anyway. After I totally changed to an entirely different OS. I tried it again. No change. Still slow and buggy. Pfft at Java. Give me compiled C++ any day of the week.
Is it a surpise that something that cannot even be depended on to simply display its own graphics without crashing is also not secure?