Oracle fixes add to massive patch load expected Tuesday

Share this article:

On the heels of Microsoft announcing a planned record-breaking security update for next week, database giant Oracle has countered with plans of a monster patch delivery itself.

Specifically, Oracle plans to ship 81 fixes — 31 of which lie in its newly acquired Sun Product Suite — as part of its quarterly security update due Tuesday, the same day Microsoft's update will arrive. Sixteen of the Sun bugs are remotely exploitable.

An additional seven fixes are planned for the popular Database Server, though only one of the vulnerabilities is remotely exploitable. The most severe Database flaw being patched earned a score of 7.5 (out of 10) on the company's Common Vulnerability Scoring System (CVSS).

As well, 21 fixes are slated for the PeopleSoft and JDEdwards Suite, eight for Fusion Middleware, six for the E-Business Suite, four for the Siebel Suite and two for the Supply Chain Products Suite. To round out the update, a single patch is expected for the Primavera Products Suite.

"Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply [the] fixes as soon as possible," according to a notification released Friday.

IT personnel will be busy next week. Earlier this week, Microsoft announced plans to ship 16 bulletins to patch 49 vulnerabilities across its product line, including Windows, Internet Explorer, Office and the .NET Framework.

Share this article:

Sign up to our newsletters

More in News

DDoS attacks remain up, stronger in Q2, report says

DDoS attacks remain up, stronger in Q2, report ...

Prolexic's second quarter DDoS report noted the proliferation of shorter attacks that ate up more bandwidth.

Superman soars above fellow superheroes as most toxic search term

A McAfee study found that searches pertaining to Superman exposed users to the most infected websites.

Black Hat talk on Tor weaknesses canceled

Black Hat organizers say legal counsel for the Software Engineering Institute and Carnegie Mellon University nixed the session.