Wednesday, October 17, 2012

3 Must-Fix Vulnerabilities Top Oracle CPU Patches

<p>Systems administrators on all IT fronts will have their hands busy patching Oracle vulnerabilities across the software giant's portfolio with the release this week of the company's quarterly Critical Patch Update. Security experts warn enterprises to pay particular attention to this last CPU of the year, which today took the wraps off over 100 fixes affecting 10 different product groups, with one or more vulnerabilities in each group open to remote exploitation without exploitation.</p><p>[Forgetting something? Don't get caught with your patch down. See 5 Systems Your Forgetting To Patch. ]</p><p>Of particular note among the fixed vulnerabilities named by Oracle were two flaws with a CVSS base score of 10.0, one for the Core RDBMS database product and one for Oracle Fusion Middleware's JRockit component, as well as another MySQL flaw with a CVSS score of 9.0. According to Oracle, the highly critical JRockit fix was actually part of a broader Java SE Critical Patch to address multiple vulnerabilities affecting the Java Runtime Environment, some of which security pundits expected to address zero-day vulnerabilities disclosed by Security Explorations last month.</p><p>"Many were anticipating Oracle would patch Java Runtime Environment (JRE), which they did with Java Runtime Environment Version 7 Update 9 and Version 6 Update 37," says Marcus Carey, security Researcher for Rapid7. "I advise everyone who needs Java to update as soon as possible."</p><p><a href="http://www.darkreading.com/vulnerability-management/167901026/security/news/240009195/3-must-fix-vulnerabilities-top-oracle-cpu-patches.html">Keep reading...</a></p><p>Read also:</p><p><a href="http://www.h-online.com/security/news/item/Stormy-October-patch-day-for-Oracle-1731176.html">Stormy October patch day for Oracle</a> (The H)</p><p><a href="http://www.net-security.org/secworld.php?id=13783">Oracle patches 109 vulnerabilities</a> (Help Net Security)</p><p>Explore: <a href="http://news.google.com/news/more?ncl=d3wK45u3tE8-ZRMf1njWN6weNw67M&ned=us">4 additional articles.</a></p>

News Timeline

Article Archive