Oracle addressed 40 security issues in Java and enabled online certificate revocation checking by default in its scheduled critical patch update for Java on Tuesday. Thirty-four vulnerabilities patched in the newly released Java 7 Update 25 (Java 7u25) affect only client deployments of Java. Another four affect both client and server deployments, one affects the Java installer and one the Javadoc tool that’s used to create HTML documentation files. Oracle started shipping a separate Server JRE package in April that doesn’t include the browser plug-in.”]