Date:17/01/12
Oracle said in a security update that vulnerabilities will be addressed in the Oracle Database Server, Fusion Middleware, E-Business suite, Supply Chain, PeopleSoft, JD Edwards, Virtualization, Sun and MySQL products.
Enterprises will be keen to test and install the patches as soon as possible, as some of the vulnerabilities could allow cyber attackers to infiltrate corporate databases and steal valuable data.
The firm admitted that, until patched, the vulnerabilities in the Oracle Database Server may enable attackers to remotely access the database without the need for a username and password. It added that these fixes are only applicable to installations that involve the Oracle Database Server itself, rather than client-only installations.
There are also five vulnerabilities in Oracle Fusion Middleware that could allow unauthenticated database access, and one in Oracle's JD Edwards platform. However, it is MySQL that has the largest number of security flaws to be addressed by the patch, with 27.
Oracle said that one of these can be exploited over a network without the need for a username or password. Oracle recommended that the updates be applied as quickly as possible. "Some of the vulnerabilities addressed in this Critical Patch Update affect multiple products," it said.
"Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible."
Oracle plans huge security update this week
Oracle has planned a huge swathe of security updates for Tuesday this week, with 78 vulnerabilities among the hundreds of its products slated to be patched.Oracle said in a security update that vulnerabilities will be addressed in the Oracle Database Server, Fusion Middleware, E-Business suite, Supply Chain, PeopleSoft, JD Edwards, Virtualization, Sun and MySQL products.
Enterprises will be keen to test and install the patches as soon as possible, as some of the vulnerabilities could allow cyber attackers to infiltrate corporate databases and steal valuable data.
The firm admitted that, until patched, the vulnerabilities in the Oracle Database Server may enable attackers to remotely access the database without the need for a username and password. It added that these fixes are only applicable to installations that involve the Oracle Database Server itself, rather than client-only installations.
There are also five vulnerabilities in Oracle Fusion Middleware that could allow unauthenticated database access, and one in Oracle's JD Edwards platform. However, it is MySQL that has the largest number of security flaws to be addressed by the patch, with 27.
Oracle said that one of these can be exploited over a network without the need for a username or password. Oracle recommended that the updates be applied as quickly as possible. "Some of the vulnerabilities addressed in this Critical Patch Update affect multiple products," it said.
"Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible."
Views: 1104
©ictnews.az. All rights reserved.Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World