The affected Oracle software includes Oracle Database versions 9i, 10g and 11g, Oracle Secure Backup, Oracle TimesTen, Oracle Application Server, Oracle Collaboration Suite and Oracle Weblogic Server.
Oracle Secure Backup has the most critical vulnerabilities and will get nine security fixes, all to address problems that Oracle says can be exploited remotely without authentication.
The company strongly recommends that all customers apply these fixes as soon as they are released.
More details about all of the vulnerabilities should become available at that time.
On an unrelated note, Microsoft plans to issue one security patch next Tuesday that affects Windows 2000, Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008.
That patch is labelled critical for all systems except Windows Vista and Server 2008, for which it is labelled moderate severity.
Microsoft's update will also include new versions of the Windows Malicious Software Removal Tool and the Vista spam email filter.
Oracle takes over Patch Tuesday
By Egan Orion on Jan 12, 2009 12:28PM