Breach, Data Security, Patch/Configuration Management, Vulnerability Management

Oracle fixes add to massive patch load expected Tuesday

On the heels of Microsoft announcing a planned record-breaking security update for next week, database giant Oracle has countered with plans of a monster patch delivery itself.

Specifically, Oracle plans to ship 81 fixes — 31 of which lie in its newly acquired Sun Product Suite — as part of its quarterly security update due Tuesday, the same day Microsoft's update will arrive. Sixteen of the Sun bugs are remotely exploitable.

An additional seven fixes are planned for the popular Database Server, though only one of the vulnerabilities is remotely exploitable. The most severe Database flaw being patched earned a score of 7.5 (out of 10) on the company's Common Vulnerability Scoring System (CVSS).

As well, 21 fixes are slated for the PeopleSoft and JDEdwards Suite, eight for Fusion Middleware, six for the E-Business Suite, four for the Siebel Suite and two for the Supply Chain Products Suite. To round out the update, a single patch is expected for the Primavera Products Suite.

"Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply [the] fixes as soon as possible," according to a notification released Friday.

IT personnel will be busy next week. Earlier this week, Microsoft announced plans to ship 16 bulletins to patch 49 vulnerabilities across its product line, including Windows, Internet Explorer, Office and the .NET Framework.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds