You're Gambling On Two Things
You're gambling that Norton and Oracle stay ahead of the malware writers.
See the links below which Norton "says" is proof that you won't get infected because they're ahead of the game with IPS signatures...:
And here's Oracle's assurance blog saying much the same:
So......if you want to be totally secure against Java exploits, you uninstall Java... The second option is to disable Java in the browser of your choice, or possibly uninstall it completely. If you feel safe enough because both your AV company and Java have taken the indicated steps, and maybe you don't visit dicey websites, then you might choose the second option. Obviously, the second option is more risky, but it may be the best one for you, specially if you use a lot of programs/websites that require Java.
Hope this helps.