Oracle issues 78 patches in quarterly security update

Oracle is to release a mammoth 78 patches on Tuesday as part of the company's quarterly security update, including 23 fixes for Sun products and 13 for Database Server.

Oracle said in a Critical Patch Release pre-release announcement on Thursday that the patches have been designed to fix flaws across hundreds of its products.

"Some of the vulnerabilities addressed in this Critical Patch Update affect multiple products," the firm said.

"Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible."

Two of the 13 vulnerabilities in Oracle Database Server could be exploited remotely and without authentication, as could three in Oracle Secure Backup, according to the firm.

Oracle is also planning 18 new security fixes for Oracle Enterprise Manager Grid Control, 12 for PeopleSoft products, seven for Oracle Fusion Middleware and one each for E-Business Suite and Supply Chain Products Suite.

However, the largest number of patches is reserved for the Oracle Sun Products Suite. Nine of these vulnerabilities could be remotely exploited "over a network without the need for a username and password", the firm warned.

This quarter's patch update will keep administrators busy, but only just trumps Oracle's April update, which addressed 73 vulnerabilities in 25 products, including the Oracle Database 11g, Fusion Middleware, Application Server and People Enterprise platforms.