An important security tip is to uninstall all old versions of the Java VM.
Installing a new version does not remove the old ones by default. They get left behind and are available to be hacked (even if not active).
Obviously if you need a specific old JVM version for a specific application then you can't remove that, but otherwise remove old versions as soon as a new one comes along.
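As an added example that is not part of the original post, the following PowerShell script lists every Java runtime registered in the Windows uninstall database and flags all but the newest as candidates for removal, so left-behind versions can be found before deciding what to keep. It assumes a Windows host where the Java installers registered themselves under the standard 64-bit and 32-bit Uninstall registry keys; the `^Java` name filter and the version-cleaning helper are this example's own choices.

```powershell
# Added example, not code from the original post. Enumerates Java runtimes
# from the Windows uninstall database and reports every version except the newest.
# Assumption: Java installers registered under the standard Uninstall keys below.
$uninstallKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# DisplayVersion strings vary between installers (e.g. "8.0.3510.10"), and some
# entries carry no version at all; normalise them into something [version] accepts.
function ConvertTo-SafeVersion([string]$text) {
    $clean = ($text -replace '[^\d.]', '').Trim('.')
    if ([string]::IsNullOrEmpty($clean)) { return [version]'0.0' }
    if ($clean -notmatch '\.') { $clean = "$clean.0" }
    try { return [version]$clean } catch { return [version]'0.0' }
}

# Collect every uninstall entry whose display name starts with "Java"
# (the filter is this example's assumption; adjust it to match your installers).
$javaEntries = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -match '^Java' } |
    Select-Object DisplayName, DisplayVersion, InstallLocation, UninstallString

if (-not $javaEntries) {
    Write-Output 'No Java runtimes found in the uninstall database.'
    return
}

# Oldest first, newest last; everything except the last entry is stale.
$sorted = @($javaEntries | Sort-Object { ConvertTo-SafeVersion $_.DisplayVersion })
$newest = $sorted[-1]
$stale  = @($sorted | Select-Object -SkipLast 1)

Write-Output "Newest Java runtime: $($newest.DisplayName) ($($newest.DisplayVersion))"
if ($stale.Count -eq 0) {
    Write-Output 'No older Java runtimes are left behind.'
} else {
    Write-Output 'Older Java runtimes still installed (review before removing; an application may depend on one):'
    $stale | Format-Table DisplayName, DisplayVersion, InstallLocation, UninstallString -AutoSize
}
```

The script only reports; the `UninstallString` column shows the command each installer registered, which is what you would run (or hand to your software-deployment tool) once you have confirmed that no application is pinned to that version.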
Also, in the Java applet in the Control Panel, on the General tab > Temporary Internet Files > Settings, UNTICK the box which says "keep temporary internet files on my machine".
It's not a lot, but it helps.