// IP Marketing video - START// IP Marketing video - END

Oracle rolls out massive critical patch update

Oracle rolls out massive critical patch update

PanARMENIAN.Net - Oracle has released a swathe of security updates culminating in a massive 104 new security fixes for products including Java, Fusion Middleware and MySQL, according to ZDNet.

The California-based firm's latest critical patch update (CPU) includes 37 Java SE vulnerabilities, four of which deemed critical after receiving a CVSS Base Score of 10. Out of these security flaws, 29 affected client-only deployments, while six affected both client and server deployments of Java. One affects the Javadoc tool and one affects unpack200. CVE-2014-2398 can be exploited remotely and so updates should not be stalled in order to keep your system safe.

The CPU also provides 20 Fusion Middleware vulnerability fixes. The highest CVSS Base Score for these Fusion Middleware vulnerabilities is 7.5, which is fairly severe in Oracle's measurements. Each one can be exploited using HTTP, and 13 can be exploited remotely without authorization.

MySQL version 5.5 and 5.6 have received patch updates, and only one, CVE-2014-2431, is exploitable remotely. However, there are 14 security vulnerabilities in total for this software.

Two fixes were issued for Oracle's flagship software, the Oracle Database, and both security flaws would need credentials before systems could be exploited remotely, ZDNet says.

Other product lines affected by the latest CPU include Hyperion, Supply Chain Product Suite, PeopleSoft Enterprise, Sun Systems Products Suite and Oracle Linux and Virtualization. Due to the severity of this update, it is recommended to apply the patch immediately.

The next CPU date is 15 July this year.

 Top stories
Apple is suing a company for trademark infringement, alleging that the firm has been passing off counterfeit Apple chargers as the real thing.
Valley VC Learn Capital led the round, joining a number of other unnamed private investors who have already backed SoloLearn.
The new shift and deadline come after months of strategy disagreements, leadership flux and supply chain challenges inside Apple’s car labs.
AThe patent was first filed for in June 2015 and credits Erik G. de Jong, Anna-Katrina Shedletsky and Prashanth S. Holenarsipur as its inventors.
Partner news