In contrast, Java has had a never-ending series of security holes. They’re often not patched very quickly – in fact, the Java plugin is still vulnerable today. Java seems to spend most of its time with unpatched security holes, waiting to be exploited. Very few websites use the Java plugin. It’s a relic most people can get by without.
Of course, your browser is yours. You have the ability to control what it does – you could even disable all images entirely and browse the web without ever downloading an image. You could disable Flash entirely and never watch videos online. You could use a text-mode browser like w3m in the terminal instead of using a graphical browser.
What You Should Disable
We do recommend uninstalling Java entirely (or disabling Java if you can’t uninstall it). Adobe Reader has also been another source of compromises – you may want to uninstall it and use a third-party PDF reader. Chrome and Firefox both include built-in support for PDFs, while there are other lightweight options like SumatraPDF.