Oracle today released patches for 78 flaws in its software, covering the majority of its products.
A total of 16 are categorised as critical, meaning they could be exploited for remote code execution.
"Most of their products, including the acquisitioned PeopleSoft, JD Edwards, Weblogic and the recent Sun/MySQL lines, are affected by this update," advised Wolfgang Kandek, CTO of security company Qualys.
"Only PeopleSoft and the virtualisation products are not affected by this critical rating - everybody else should pay close attention to the release.
"One notable exception is the Java programming language as it is updated on a separate schedule and had its last release in December 2011."
You can find the full list of affected products here.
Oracle's list of patches makes for a busy January for IT departments, following Adobe and Microsoft announcements from earlier this month.
Microsoft, which usually keeps January quiet for patching, issued seven security bulletins covering eight vulnerabilities. One of those covered the BEAST SSL flaw highlighted by researchers last year.
Researchers found a way to exploit a long-known flaw in TLS (Transport Layer Security) that could have undermined the security credentials of the SSL cryptographic protocol and affected millions of sites. However, little emerged from the discovery and the Redmond giant now has Windows users' backs covered.
Adobe, meanwhile, addressed critical flaws in Reader and Acrobat on the same day (10 January).
-
How to implement a four-day week in techIn-depth More companies are switching to a four-day week as they look to balance employee well-being with productivity
-
Intelligence sharing: The boost for businessesIn-depth Intelligence sharing with peers is essential if critical sectors are to be protected
-
Scania admits leak of data after extortion attemptNews Hacker stole 34,000 files from a third-party managed website, trucking company says
-
CISA issues warning in wake of Oracle cloud credentials leakNews The security agency has published guidance for enterprises at risk
-
Oracle breach claims spark war of words with security researchersNews A war of words has erupted between Oracle and cybersecurity researchers following claims the company suffered a security breach.
-
The big book of selling data protectionWhitepaper Agile risk management starts with a common language
-
Detection is not enough: Exposed assets require rapid mitigation to reduce and eliminate riskWhitepaper Agile risk management starts with a common language
-
Modern enterprise cybersecuritywhitepaper Cultivating resilience with reduced detection and response times
-
IDC InfoBrief: How CIOs can achieve the promised benefits of sustainabilitywhitepaper CIOs are facing two conflicting strategic imperatives
-
“By this time next year, Oracle employees won't be using passwords” — Larry Ellison wants a biometric future in cybersecurityNews The Oracle CTO hit out at passwords, calling them insecure and easy to steal
