Oracle issues 78 vulnerability patches

Combined with Microsoft and Adobe patches, Oracle has made IT departments' lives a little harder this month.

Oracle

Oracle today released patches for 78 flaws in its software, covering the majority of its products.

A total of 16 are categorised as critical, meaning they could be exploited for remote code execution.

"Most of their products, including the acquisitioned PeopleSoft, JD Edwards, Weblogic and the recent Sun/MySQL lines, are affected by this update," advised Wolfgang Kandek, CTO of security company Qualys.

"Only PeopleSoft and the virtualisation products are not affected by this critical rating - everybody else should pay close attention to the release.

"One notable exception is the Java programming language as it is updated on a separate schedule and had its last release in December 2011."

You can find the full list of affected products here.

Oracle's list of patches makes for a busy January for IT departments, following Adobe and Microsoft announcements from earlier this month.

Microsoft, which usually keeps January quiet for patching, issued seven security bulletins covering eight vulnerabilities. One of those covered the BEAST SSL flaw highlighted by researchers last year.

Researchers found a way to exploit a long-known flaw in TLS (Transport Layer Security) that could have undermined the security credentials of the SSL cryptographic protocol and affected millions of sites. However, little emerged from the discovery and the Redmond giant now has Windows users' backs covered.

Adobe, meanwhile, addressed critical flaws in Reader and Acrobat on the same day (10 January).

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Security best practices for PostgreSQL

Securing data with PostgreSQL

Download now

Transform your MSP business into a money-making machine

Benefits and challenges of a recurring revenue model

Download now

The care and feeding of cloud

How to support cloud infrastructure post-migration

Watch now

Recommended

Hackers leak data from dark web marketplace
cyber security

Hackers leak data from dark web marketplace

9 Apr 2021
How to encrypt files and folders in Windows 10
encryption

How to encrypt files and folders in Windows 10

9 Apr 2021
The definitive guide to IT security
Whitepaper

The definitive guide to IT security

9 Apr 2021
Evidence suggests REvil behind Harris Federation ransomware attack
ransomware

Evidence suggests REvil behind Harris Federation ransomware attack

9 Apr 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
Hackers are using fake messages to break into WhatsApp accounts
instant messaging (IM)

Hackers are using fake messages to break into WhatsApp accounts

8 Apr 2021
Alienware’s new gaming laptop is a kick in the teeth for Intel’s new CEO
Hardware

Alienware’s new gaming laptop is a kick in the teeth for Intel’s new CEO

8 Apr 2021