January 11, 2010

Oracle preps 24 fixes for quarterly security update

Oracle plans to distribute 24 security patches on Tuesday.

Ten of the fixes are meant for its popular Database Server offering, two of which can be remotely exploited without authentication.

Three patches are slated for the Application Server, three for the Applications Suite, one for the PeopleSoft and JD Edwards Suite, five for the BEA Products Suite and two for the Primavera Products Suite.

Three vulnerabilities have earned Oracle's highest severity rating — 10.0 on the Common Vulnerability Scoring System (CVSS), according to the company's pre-release announcement. These particular bugs are present in Listener for the Database; Oracle Secure Backup, part of the Database product; and Oracle JRockit, part of BEA Products.

Tuesday promises to be a busy day of patching, with fixes also expected from Microsoft and Adobe.

Oracle releases its patches on a quarterly basis.

Related Articles
Related Topics

Sign up to our newsletters

More in News

House Intelligence Committee OKs amended version of controversial CISPA

Despite the 18-to-2 vote in favor of the bill proposal, privacy advocates likely will not be satisfied, considering two key amendments reportedly were shot down.

Judge rules hospital can ask ISP for help in ID'ing alleged hackers

The case stems from two incidents where at least one individual is accused of accessing the hospital's network to spread "defamatory" messages to employees.

Three LulzSec members plead guilty in London

Ryan Ackroyd, 26; Jake Davis, 20; and Mustafa al-Bassam, 18, who was not named until now because of his age, all admitted their involvement in the hacktivist gang's attack spree.