Go to listing page

Oracle releases 248 security patches to fix vulnerabilities across different products

Oracle releases 248 security patches to fix vulnerabilities across different products
  • 33 of the security patches address critical vulnerabilities that are marked above 9 on the severity scale.
  • A total of 189 vulnerabilities could be remotely exploited without authentication.

Oracle has pushed out security patches as a part of the company’s quarterly security update. The patches will address 248 vulnerabilities found across its multiple products.

About the fixes

33 of the security patches address critical vulnerabilities that are marked above 9 on the severity scale. A total of 189 vulnerabilities could be remotely exploited without authentication.

“Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay” said the firm in its security advisory.

The newly released critical patch update addresses flaws in products such as Database Server, Communications Applications, E-Business Suite, Financial Services Applications, Fusion Middleware, Java SE, MySQL, PeopleSoft Products, Retail Applications, and Sun Systems Products Suite, among others.

Most impacted products

Fusion Middleware was among the most impacted products, for which a total of 62 fixes were released. Of these 62, 57 addressed remotely exploitable vulnerabilities. Communications applications scored the second position with 33 fixes, 29 for remotely exploitable flaws.

MySQL and Virtualization received 30 patches each.

Oracle recommends users to go through the security updates and apply the patches immediately. Delay in patching could result in unwanted consequences, with attackers taking control over systems.

Cyware Publisher

Publisher

Cyware