Here we go again. Newly discovered flaws in Java are already being exploited by hackers, according to the U.S. Department of Homeland Security. While Java plug-ins remain a useful technology for software development, this latest incident should prompt businesses to mitigate Java-related risks.\r\n\r\nOracle, Java\u2019s owner, has released a software update, and more are anticipated. Companies should ensure that their websites and applications are fully updated. As security warnings from the government and private-security experts mount, it is probable that fewer website users will accept Java plug-ins in the future, meaning that alternatives to Java applets such as leveraging HTML5 solutions, should be explored, a trend already well underway. An effective IT policy may include removing Java from employees\u2019 browsers or allowing them to use Java plug-ins only when specified programs ask for permission.