Oracle is set to patch a massive 81 vulnerabilities this Tuesday – more than Microsoft’s record 49 flaws due to be fixed on the same day.
Microsoft announced its biggest ever Patch Tuesday last week with 16 bulletins, four of which have been rated critical, where the flaws could lead to remote code execution.
Some of the security holes in Oracle's products are serious enough as to allow remote exploitation without the need for a username or password.
A total of 31 out of the 81 vulnerabilities are in the Oracle Sun Products Suite and 16 of these “may be remotely exploitable without authentication,” according to an advisory from the tech giant.
The most serious vulnerability being addressed in the update is one affecting Solaris Scheduler, Oracle explained.
Seven security fixes have been announced for the Oracle Database Server as well, one of which will address a vulnerability that could allow for remote exploitation without authentication.
“Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible,” the firm said.
“While this pre-release announcement is as accurate as possible at the time of publication, the information it contains may change before publication of the Critical Patch Update Advisory.”