Oracle issues critical out-of-cycle security patch

Oracle has released a critical security patch to fix a number of vulnerabilities in its E-Business Suite software.

Oracle has released a critical security patch to fix a number of vulnerabilities in its E-Business Suite software.

The patch has been released two months ahead of Oracle’s scheduled quarterly security patching cycle, and may signal that the company is moving towards more regular updates in response to increasing threats.

The patch fixes a number of vulnerabilities in the Oracle Diagnostics troubleshooting component of the firm’s E-Business Suite 11i platform.

The bugs relate to the Oracle Diagnostics web pages and to the Java classes included with the software.

One problem allows some of the diagnostics to be executed without any authentication. The vulnerabilities could allow remote attackers to take over company systems.

Oracle has publicised the vulnerabilities and is encouraging users to update their systems immediately.

Oracle's next full security update is scheduled for 18 April.

The quarterly updates have been used by Oracle for a year. The last release saw 82 bugs ironed out.

Read more on Hackers and cybercrime prevention

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...

SearchDataManagement

Close