Large Oracle update to fix over 100 vulnerabilities

Large Oracle update to fix over 100 vulnerabilities

Summary: The company's quarterly update will address problems in "hundreds of Oracle products."

SHARE:
TOPICS: Security, Oracle
2

On Tuesday, Oracle will release a large set of security updates fixing 113 new security vulnerabilities across hundreds of versions of its products.

Among the major products patched are Oracle Database Server, Oracle Fusion Middleware (29 vulnerabilities), Oracle Hyperion (seven vulnerabilities), Oracle E-Business Suite (five vulnerabilities), Oracle PeopleSoft (five vulnerabilities), Oracle Siebel CRM (six vulnerabilities), Oracle MySQL Executive (ten vulnerabilities), Oracle Solaris and, of course, Oracle Java.

The update is a regularly scheduled quarterly update for Oracle.

As we had already reported, Oracle has announced that there will be no more support for Java on Windows XP.

Many of the vulnerabilities are severe and can result in remote compromise of the system. Oracle also says that many of the vulnerabilities affect multiple products. It recommends that customers apply all the updates as soon as possible.

Topics: Security, Oracle

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments
Log in or register to join the discussion
  • sheesh Oracle

    Get your updates out in a more timely fashion. Its clearly NOT unbreakable!
    greywolf7
  • Java malware

    Very interesting is the (partial-)fix for the rogue software Java used to automatically install during auto-updating. While the default behavior still installs the malware, now there is an option for disabling it. This is mentioned in release notes as "New Java Control Panel option to disable sponsors".

    Last year, Ed Bott made an extensive analysis of this problem:
    http://www.zdnet.com/a-close-look-at-how-oracle-installs-deceptive-software-with-java-updates-7000010038/
    Rikkrdo