The update encompasses all supported copies of Oracle Database, Application Server, E-Business Suite, People Soft Enterprise, JD Edwards, WebLogic Server and Workshop for WebLogic.
Fifteen of the security patches address issues in the company's flagship Database software.
However, only one would allow an attacker to remotely access a database system without authorisation. The update will not need to be installed on machines running the client version of the database software.
The remainder of the security patches were distributed evenly among the other applications. Included in the update are fixes for a pair of remotely-exploitable flaws in Application Server and two in the E-Business Suite.
The company is strongly recommending that administrators apply the updates as soon as possible to avoid a potentially serious attack or data leak.
Oracle's patch release could lead to a busy week for IT departments. Microsoft issued the October edition of its monthly security update on Tuesday which included critical fixes for Windows, Office and Internet Explorer.
Oracle joins security patch party
By Shaun Nichols on Oct 17, 2008 7:10AM