Well you can use Secunia PSI to check for the latest java to be installed. Java in Google chrome browser ask you before the plug-in canbe used, to allow the use of it. If you do not trust it, do not run, so deny the use of it. If you get a message that the plug-in is not the most recent version, you have to install the latest. With BetterPop up Blocker extension & Not Scripts I allow just what would run from which domain. But I advice to do some pre-scanning to know a site does not have java malware on it. And if you do not need java, do not use it,
polonus