From a security perspective though, Java Web Start applications can be used as an attack vector for exploiting vulnerabilities in the Java runtime, just like Applets.