Security

Oracle to release mega-patch fixing 51 security holes on Tuesday

Oracle is to release updates on Tuesday (October 16) that patches 51 security vulnerabilities across hundreds of products.

Oracle will release updates on Tuesday, October 16 that patch 51 security vulnerabilities across hundreds of products.

The list of updates is as follows (excerpt from The Register):

Oracle Database is affected by 27 vulnerabilities. Five of these vulnerabilities may be remotely exploitable without authentication (may be exploited over a network without the need for a username and password). None of these fixes are applicable to Oracle Database client-only installations. Oracle Application Server is affected by 11 vulnerabilities. Seven of these vulnerabilities may be remotely exploitable without authentication. No new fixes are applicable for client-only installations. Oracle E-Business Suite and Applications is affected by eight vulnerabilities. Only one of the vulnerabilities is described as remotely exploitable without the need for authentication. Oracle Enterprise Manager is affected by two vulnerabilities that may exploited over a network without the need for user/password credentials. Oracle PeopleSoft Enterprise PeopleTools and JD Edwards EnterpriseOne are affected by three vulnerabilities. None of these vulnerabilities may be exploited remotely without authentication.

You can read more from the official Oracle critical patch update pre-release announcement - October 2007. Oracle generally issues patches every quarter. In July, it issued updates fixing 45 vulnerabilities.

About

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.

0 comments

Editor's Picks