Oraclehas given
customers advance warning of 52 security patches to be issued next
Tuesday (16 January) as part of its
quarterly security fix schedule.
It is the first time Oracle has issued such a warning and it
follows the system used by Microsoft for its monthly scheduled
patching cycle.
The Oracle Critical Patch Update for January is a collection of
patches for multiple vulnerabilities. It also includes non-security
fixes that are required because of interdependencies with the
security patches.
The 52 new security fixes cover all Oracle products. Some of the
vulnerabilities addressed in the update affect multiple
products.
There are 27 security fixes for Oracle Database products, 10 of
which may be remotely exploitable without username and password
authentication.
Of the 12 security fixes for Oracle Application Server, eight
may be remotely exploitable without authentication.
There are also seven security fixes for the Oracle E-Business
Suite, six for Oracle Enterprise Manager, and three for Oracle
PeopleSoft Enterprise.
Oracle under security scrutiny
Oracle revamps pricing for enterprise
portfolio
Comment on this article:
computer.weekly@rbi.co.uk