There is an extremely high risk exploit out that can potentially cause havoc for a lot of users/systems. All someone has to do is get you to visit a site with the bad code, which will then run an exploit kit under the same user as the Java process which means they’ll most likely be taking over your entire system.
This is not only relevant for sysadmins, but for anyone being connected to the internet. A website you open could potentially have the code on it, and the person would then have access to your PC to install key loggers, or whatever they want.
There is currently no fix for this issue, which is why it’s highly recommended to disable Java in your browsers. If you need to use Java Applets then it’s suggested to use a secondary browser or virtual environment to be used only with this.
You can find more information here: