How serious is the Java security situation? Probably fine as long as you update to the latest version, but how many do and even if you do are you still safe from old versions? This  infographic might make you more worried about the situation.

Bit9 is very interested in helping companies secure their infrastructure and has a report and an infographic about the Java vulnerabilities that have made so much noise in the technical press lately.

Based on an analysis of over one million end points, Bit9 concludes that, while the latest version of Java is safer, far too many companies have older versions. What is worse, a range of different versions are often in use. The explanation seems to be that Java updates didn't remove older versions for reasons of compatibility. The argument is that the older versions also allow attackers a way into the system. 

Click for larger version

You might also like to see a video explaining what Bit9 thinks the problem is and, of course, what solutions it is offering.

Yes, it's a sales pitch, but quite an interesting one: