At this time the company released a record 104 fixes for the whole range of supported its products. As described in the Oracle, the last set of Critical Patch Update includes fixes for middleware software, databases, as well as products Hyperion, Siebel, PeopleSoft, and a number of products, the company previously owned by Sun Microsystems, such as Java and MySQL.
Issue covers many patches that eliminate problems such as incorrect privileges in products unauthorized disclosure, remote code execution, and others. Several patches have been released by Oracle marked as critical and have ten ( highest ) level of threat on the scale of Oracle.
According to the description of Oracle, of 104 bugs identified 41 different products associated with Sun, including nine for the Java SE, and some of them have a 9 or 10 on a scale of assessment of threats. Corrections closed problems such as remote execution of code for control of the target system and the interception of user data. Only gets 37 April Java patches. Another four fixes released for OS Solaris, but they all have a medium or low severity.
In addition, the company released 20 fixes for Oracle Fusion Middleware, 13 of which are critical and allow remote code execution on a system without user authentication. Oracle notes that Fusion Middleware users should pay attention to update the database Oracle, since these products have a common component base . In Oracle Database themselves were eliminated two vulnerabilities, but none of them is critically dangerous.
Other fixes, including 14 vulnerabilities in MySQL Server, two of which can be operated remotely. Another eight vulnerabilities eliminated PeopleSoft, five of which can be used remotely. Finally, a number of patches received products such as Oracle Virtualization, Supply Chain Products Suite and Siebel CRM.
Main link to news: https://blogs.oracle.com/security/entry/april_2014_critical_patch_update
No comments:
Post a Comment