Corrine Administrator, Microsoft MVP, Security Analyst Staff member Joined Feb 22, 2012 Posts 10,158 Location Upstate, NY Apr 16, 2014 #1 If you still have Java installed, it is time to update! Oracle released the scheduled critical security updates for its Java SE Runtime Environment software. Oracle reported that Java SE does not include OpenSSL and, therefore is not affected by HeartBleed and CVE-2014-0160. For Oracle products that are affected, see OpenSSL Heartbleed Vulnerability CVE-2014-0160. This is a Critical Patch Update that contains 37 fixes for Java, 35 of which Oracle indicated can be exploited by an attacker without the need for authentication. Additional details about the update are available in my blog post here. Download Link: Java Version 7 Update 55 Warning: UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.