Oracle Readies Huge Security Update

Oracle is preparing to release to its customers a huge Critical Patch Update that will fix 59 new security vulnerabilities across its product portfolio.

The fixes follow an update in April that covered 47 vulnerabilities across Oracle’s product lines.

This time, 21 of the 59 impact the Solaris product suite, which the company acquired when it bought Sun Microsystems. Seven of those can be exploited remotely without authentication, according to Oracle’s pre-patch advisory. Among the Oracle Solaris Suite products affected by the vulnerabilities Solaris, Solaris Studio and Sun GlassFish Enterprise Server.

Oracle also has plans for 13 fixes for its database products, including six for the Oracle Database Server. There are also two patches for the TimesTen In-Memory Database and five patches for Oracle Secure Backup.

Sixteen security fixes are slated for Oracle Applications, while seven are coming for Oracle Fusion Middleware. There is also one for Oracle Enterprise Manager.

“Some of the vulnerabilities addressed in this Critical Patch Update affect multiple products,” Oracle stated in the advisory. “Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible.”