Homepage This page's url is: -crn- Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC Jobs HPE Discover 2019 News Cisco Partner Summit 2019 News Cisco Wi-Fi 6 Newsroom Dell Technologies Newsroom Hitachi Vantara Newsroom HP Reinvent Newsroom IBM Newsroom Ingram Micro ONE 2019 News Juniper NXTWORK 2019 News Lenovo Newsroom Lexmark Newsroom NetApp Insight 2019 News Cisco Live Newsroom HPE Zone Intel Tech Provider Zone

Oracle Readies 16 Highly Critical Security Patches

Oracles is scheduled to release a total of 78 patches Jan. 17, covering most of the software maker's products.

The Redwood City, Calif.-based company is scheduled to release 78 vulnerability fixes Jan. 17. The patch breakdown by product from the company's pre-release announcement Friday includes 27 for MySQL, 11 for Fusion Middleware, three for E-Business Suite, 17 for products branded under Sun Microsystems, which Oracle bought in 2009; three for Oracle Virtualization, six for the PeopleSoft product line, eight for the JD Edwards line, two for the Oracle database server and one for the Oracle Supply Chain Product Suite.

Six dozen patches may seem like a lot, but Wolfgang Kandek, chief technology officer for security vendor Qualys, described the number as "pretty normal" for Oracle, given the company's extensive product portfolio.

While the quantity is not unusual, the patches should be taken seriously, Kandek said. The industry tends to be more focused on Microsoft's monthly patch release, because of the impact on the Windows PC, which is used by more people. Oracle's products are typically in the data center and less visible. "They are probably as critical as Microsoft programs for many companies," Kandek said.

The 16 highly critical fixes are for "remotely exploitable" vulnerabilities, which means an attacker could gain access to a system without having credentials, such as an administrative password. "That is actually the most critical vulnerability that I can think of," Kandek said. Companies should place Internet-facing systems, such as Oracle Web application servers, high on the list of systems to update.

Back to Top



sponsored resources