Oracle pushed out a massive patch update today, covering 88 vulnerabilities across 30 products.
The fixes include six for Oracle Database Server, three of which may be remotely exploitable without authentication, and another 11 for Fusion Middleware, nine of which could be exploited without the need for a username and password.
A number of the Fusion Middleware security holes scored the maximum CVSS Base Score for vulnerabilities of 10.0.
There are 15 new security fixes for the Oracle Sun Products Suite, five of which could be remotely exploited without the need for a username or password.
A total of 33 flaws were classed as remote code execution (RCE) vulnerabilities.
“Compare this to last quarter’s release, which had 16 RCEs in 78 patches. Of the mainstream software lines, only MySQL and the Siebel Clinic product are not affected by the RCE type vulnerabilities; system administrators and users of all other software lines should be prepared to review the release with care next Tuesday,” noted Qualys CTO, Wolfgang Kandek, in a blog post.
Oracle will not be issuing an update for Java, as the enterprise tech giant manages it on a separate schedule. The company last issued an update for Java in February, but it did not release a patch for the Mac version.
This led cyber criminals to exploit the vulnerabilities using variants of the Flashback Trojan, compromising as many as 650,000 machines. That number has now been drastically reduced, thanks to efforts from the security community and various Java updates from Apple itself.
Earlier this week, it emerged another Mac OS Trojan, known as SabPub, was exploiting Java vulnerabilities just as Flashback was.
How much do you know about security? Test yourself with our quiz!
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…