10/17/2018
05:25 PM

Oracle Issues Massive Collection of Critical Security Updates

The software updates from Oracle address a record number of vulnerabilities.



Updated: 10/18/2018 to correct Onapsis blog information.

Oracle this week issued a Critical Patch Update (CPU) encompassing 301 separate updates spread across the entire Oracle family of products. While not every update is marked "critical," in all they represent a variety of vulnerabilities that Oracle recommends all customers patch as quickly as possible.

According to Onapsis, this marks one of the largest number of vulnerabilities in an Oracle CPU. In its analysis of the CPU, Onapsis says that 28 flaws share the highest-level criticality score — 9.8 — from the Common Vulnerability Scoring System (CVSS) and that more than half of the vulnerabilities lie in business-critical applications.

Waratek issued a guidance statement focusing on programming capabilties, noting that "One-third of the 12 new Java SE bugs carry a severity rating of high or critical; 11 of the 12 can be remotely exploited. Eight of the 12 new WebLogic vulnerabilities are critical."

For more, read here, here, and here.

Black Hat Europe returns to London Dec 3-6 2018  with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Email This  | 
Print  | 
RSS
More Insights
Copyright © 2019 UBM Electronics, A UBM company, All rights reserved. Privacy Policy | Terms of Service