Oracle Issued Critical Patch Update To Close88 Security Hole
As part of its Critical Patch Update (CPU) Oracle released 88 security fixes addressing vulnerabilities in over 35 products in its portfolio. Last CPU of Oracle closed 78 security holes but this time the list added ten more so 78 became 88. Unlike Microsoft, which releases patches every month, Oracle follows a quarterly patch schedule across its entire product portfolio, excluding Oracle Enterprise Linux and Java.This April's Critical Patch Update contains six fixes for the Oracle Database Server, 11 for Oracle Fusion Middleware, 15 in Oracle Sun products, and six in MySQL, the company said in its CPU advisory released Apr. 17. Other affected suites include Oracle Enterprise Manager Grid Control, Oracle e-Business Suite, Oracle Supply Chain, Oracle PeopleSoft, Oracle Industry Applications, Oracle Financial Services, and Oracle Primavera Products. There are 15 new security fixes for the Oracle Sun Products Suite, five of which could be remotely exploited without the need for a username or password. Of the 88 fixes, 33 were considered critical, meaning they could be remotely exploited without needing a username and password. In contrast, January's CPU had only 16 remote code execution vulnerabilities. "Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible," the company said in the advisory.
0 comments:
Post a Comment