Oracle patch security vulnerability includes 23 database flaws

Source: Internet
Author: User
Tags local time client oracle database

Oracle local time 18th released a July security update to repair 65 software deficiencies, including a number of serious cross product issues.

The repairs include many serious weaknesses. Darius Wiles, Oracle's senior manager responsible for security warnings, said 27 of the 65 errors could be exploited by anonymous remote attackers.

Oracle does not recommend any alternative, only to urge customers to repair the system as soon as possible. "We fix flaws in a serious order," Wiles said. Critical Patch Update (Critical patch update, abbreviation CPU) is part of the most urgent. We strongly recommend that customers implement these security patches as soon as possible. ”

Oracle's July CPU fixes 23 Database product flaws, 1 Collaboration Suite collaboration suite software issues, 10 Application server flaws, 20 e-business Suite and application related issues, 4 weaknesses in Enterprise Manager, PeopleSoft (PeopleSoft) Enterprise Portal software and JD Edwards Software, also two and one vulnerabilities were patched.

In addition, the Oracle database with the client software, this time also has 4 security vulnerabilities to repair. This is the second time Oracle has been providing PC software updates since the January 2005 launch of the CPU.

Wiles said: "Customers need to consider using the July CPU to update their desktop computers, but most of the CPU only for the database server." ”

According to Oracle's security warning, 3 of the 4 flaws in the client software are considered serious problems and can be exploited by remote attackers without any verification. The update also covers a database weakness that the company accidentally exposed this April.

Oracle has always adopted a policy of secrecy and closure on security topics, but April 6 posted an outstanding detail on its Metalink client website.

At the same time, Oracle's security update policy has also suffered fierce criticism from outside. The company hopes to wash its notoriety this time, Wiles said: "Our goal is to provide quality patches on the official release day." ”

The July update should cover 250 software fixes for Oracle products on a variety of operating system platforms, Wiles said. However, 10 of them remain unfinished and some may take a longer time.

Oracle has not found that the weakness of the patch has been used to launch any attack. The company's slow response to security issues has been criticized by security experts. Wiles said that the current issue of receiving briefings will be resolved with future updates.



Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.