IT administrators could be busy next Tuesday, after enterprise software giant Oracle announced a hefty monthly patch update, with 24 new security vulnerability fixes set to be released across hundreds of its products.The news comes just days after Microsoft announced it would be starting the year with one of its smallest Patch Tuesday releases ever – just one patch to fix a critical vulnerability in Windows 2000.Listed are ten fixes for vulnerabilities in the Oracle Database, two of which may be remotely exploited without authentication, and three fixes for the Oracle Application Server.Also at risk are the Oracle Applications Suite, with three new security fixes, the PeopleSoft and JD Edwards Suite, Primavera Products Suite, and BEA Products Suite, which has five new fixes lined up.The highest CVSS 2.0 base score for vulnerabilities in this Critical Patch Update is 10.0 for vulnerabilities affecting Listener for Oracle Database Server, Oracle Secure Backup and Oracle JRockit, said the firm.“This Critical Patch Update contains 24 new security vulnerability fixes across hundreds of Oracle products. Some of the vulnerabilities addressed in this Critical Patch Update affect multiple products,” noted a pre-release announcement by Oracle."Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible.”
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.