Six ways to protect against the new actively exploited Java vulnerability

28.08.2012

Another user-dependent way of reducing the risk of encountering a malicious Java applet is to use one Web browser with Java disabled for general browsing and another one with Java enabled only for accessing trusted Java-based Web applications.

Such a policy might be hard to enforce on a business network. However, it might be practical for security-conscious users who need to use certain Web-based Java applications from their personal computers on a regular basis.

Finally, there is an unofficial patch created by Michael Schierl, a security researcher who has found other Java vulnerabilities in the past, that is being distributed by independent security researchers Andre' M. DiMino and Mila Parkour from DeepEnd Research.

The patch appears to block the exploit used in the attacks seen so far, but its creator doesn't guarantee that it will block all ways of exploiting this vulnerability that might be used in future exploits.

The patch was subjected to only limited testing and, like any unofficial patch, comes with no guarantee that it won't prevent legitimate programs from working properly after it is deployed. Because of this, DiMino and Parkour are giving it only to companies that email them and clearly explain the reasons for needing it.