When we install a newer version of software that has been patched to lock out vulnerabilities, we expect to be safe, yes?
When it comes to Sun's Java Runtime Environment, the answer is NO!!!!
Has your copy of Sun's Java Runtime been updated recently? I strongly recommend that you go to Add/Remove Programs and see how many versions you have installed (at 100+meg per version!)
Did you know that old versions of Java's runtime are not overwritten when you update, and that malware designed to take advantage of java vulnerabilities can access those vulnerable older versions? I ask you, what is the use of updating if the bad guys can come along and keep using the vulnerable old stuff anyway? I can almost here them laughing.
Sun Java recommend in their FAQ that older versions of their JRE be kept on computers - BAD ADVICE!!!
Those of us who are lucky enough to have heard of http://sunsolve.sun.com, and know that Sun release Alert Notifications, and know how to find them, also know that Sun recommends that affected versions of the JRE be removed from a computer (see Docs 57707, 57740, 57708 and 57591)!
Bad advice - advice that is directly contradicted in the Alert Notifications - is being given to new users that are the primary audience and users of FAQs. The FAQ needs to be rewritten to advise users to remove older versions of the JRE, unless there is a mission critical application that only runs on an older version. If there is such a mission critical application, Sun should strongly recommend that said mission critical application be updated to be compatible with the latest version of the JRE.
Uninstall all those older versions of the Sun Java Runtime - go on- go and do it now.