Oracle to patch 66 security flaws

News 17 Jan, 2011

Critical patches for hundreds of Oracle products will be released tomorrow.

Oracle is set to fix a sizeable 66 security flaws across its product portfolio in a patch due to go out tomorrow.

The critical flaws affected hundreds of the company’s products including 16 fixes alone for Oracle’s Fusion Middleware offering – 12 of which tackled remote code execution issues.

The company will also be patching Sun products, with 21 fixes overall affecting the likes of Solaris, Sun Java System Portal Server and SunMC. There were also two patches for Open Office which if unchecked could be remotely exploitable by hackers.

In an announcement on its website, Oracle said: “Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible.”

The huge patch is quite a contrast to last week’s fixes released by Microsoft. It was one of its smallest Patch Tuesdays to date, with only two vulnerabilities – one rated as critical.

However, two zero day flaws are still at large and Microsoft has yet to release a patch for either.