Oracle today released patches for 78 flaws in its software, covering the majority of its products.
A total of 16 are categorised as critical, meaning they could be exploited for remote code execution.
"Most of their products, including the acquisitioned PeopleSoft, JD Edwards, Weblogic and the recent Sun/MySQL lines, are affected by this update," advised Wolfgang Kandek, CTO of security company Qualys.
"Only PeopleSoft and the virtualisation products are not affected by this critical rating - everybody else should pay close attention to the release.
"One notable exception is the Java programming language as it is updated on a separate schedule and had its last release in December 2011."
You can find the full list of affected products here.
Oracle's list of patches makes for a busy January for IT departments, following Adobe and Microsoft announcements from earlier this month.
Microsoft, which usually keeps January quiet for patching, issued seven security bulletins covering eight vulnerabilities. One of those covered the BEAST SSL flaw highlighted by researchers last year.
Researchers found a way to exploit a long-known flaw in TLS (Transport Layer Security) that could have undermined the security credentials of the SSL cryptographic protocol and affected millions of sites. However, little emerged from the discovery and the Redmond giant now has Windows users' backs covered.
Adobe, meanwhile, addressed critical flaws in Reader and Acrobat on the same day (10 January).
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
Oracle breach claims spark war of words with security researchersNews A war of words has erupted between Oracle and cybersecurity researchers following claims the company suffered a security breach.
-
The big book of selling data protectionWhitepaper Agile risk management starts with a common language
-
Detection is not enough: Exposed assets require rapid mitigation to reduce and eliminate riskWhitepaper Agile risk management starts with a common language
-
Modern enterprise cybersecuritywhitepaper Cultivating resilience with reduced detection and response times
-
IDC InfoBrief: How CIOs can achieve the promised benefits of sustainabilitywhitepaper CIOs are facing two conflicting strategic imperatives
-
“By this time next year, Oracle employees won't be using passwords” — Larry Ellison wants a biometric future in cybersecurityNews The Oracle CTO hit out at passwords, calling them insecure and easy to steal
-
NetSuite vulnerability could leave thousands of websites exposedNews The issue stems from a misconfiguration of access controls in NetSuite's SuiteCommerce instances
-
Security operations use case guideWhitepaper Improve your cyber resilience and vulnerability management while speeding up response times
