Does anyone out there know if JAVA has fixed the holes in their security?
All software has Security issues. The question is whether they are known to the general public and the developer. In the case of Java, it's common to see news articles saying that "oracle issues security fix".
People, however, assume the worst. They think automatically that the security problem was something that means a person can send you to a page that uses Java and take complete control of the system. That is a security issue, of course, but even being able to read the Menu bar items from a Java Applet in a browser would be a security problem. The vast majority of such "Security issues" are not nearly to the level that they can be actively used to infect people with malware without their knowledge. Other's only work in specific browsers, and still others only work across an intranet or local network.