Oracle Quarterly Patch Update Addresses Nearly 300 Vulnerabilities

By Marcos Colon

Tech giant Oracle has patched close to 300 vulnerabilities in its products on Tuesday as part of its quarterly critical patch update (CPU).

Of the 299 bugs addressed, patches for an exploited vulnerability in the Apache Struts framework were included, in addition to fixes for a Solaris exploit leveraged by the National Security Agency, according to the CPU advisory.

The vulnerability in Apache Struts 2 impacted many of the company’s products which feature the framework, including Communications, Retail and Financial Services applications, in addition to Oracle WebCenter Sites and WebLogic Server among others. In total, 25 instances of the vulnerability were addressed.

The Solaris 10 flaw, which was tied to a recent leak made by the infamous Shadow Brokers hacking collective, has also been fixed.

CSO Online has provided a full review of the CPU that security managers are urged to take note of.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.