It is a bit flaky, yeah.
Its own updater doesn't seem too reliable, either, and past versions would not delete older versions installed prior, so they could sit there, being vulnerable, and (unless you were a bit techy) you wouldn't know.
The Secunia application, although not perfect/the silver bullet, does a very good job of warning of vulnerabilities in most 3rd party software, Java included.