Breach, Patch Management

Oracle preps 24 fixes for quarterly security update

January 11, 2010

Oracle plans to distribute 24 security patches on Tuesday.

Ten of the fixes are meant for its popular Database Server offering, two of which can be remotely exploited without authentication.

Three patches are slated for the Application Server, three for the Applications Suite, one for the PeopleSoft and JD Edwards Suite, five for the BEA Products Suite and two for the Primavera Products Suite.

Three vulnerabilities have earned Oracle's highest severity rating — 10.0 on the Common Vulnerability Scoring System (CVSS), according to the company's pre-release announcement. These particular bugs are present in Listener for the Database; Oracle Secure Backup, part of the Database product; and Oracle JRockit, part of BEA Products.

Tuesday promises to be a busy day of patching, with fixes also expected from Microsoft and Adobe.

Oracle releases its patches on a quarterly basis.

prestitial ad