Oracle addresses 86 flaws in January patch release

Oracle has released the January edition of its monthly security update, with fixes for more than 80 vulnerabilities.

The release comes amid heightened concerned about the security of Oracle's Java platform, with some industry watchers advising users to turn off.

Oracle said that the scheduled update which includes includes more than 80 vulnerability fixes, would address flaws in many of its major platforms, including Oracle Database 10g and 11g, Fusion Middleware, Enterprise Manager and PeopleSoft.

Additionally, the update will address flaws in MySQL Server and the JDEdwards, Siebel and Sun product families.

The company said that the update was 'critical' and would be cumulative for many of the products, allowing users and administrators to patch previously-fixed vulnerabilities with the latest update.

Oracle is advising users and administrators to test and deploy the patches as soon as possible. Among the patched vulnerabilities are flaws which, if exploited, could allow an attacker to remotely execute code on a targeted system.

The scheduled update comes just days after Oracle issued an unscheduled patch to address a zero-day flaw in Java which is being actively targeted by malware writers and web-based exploit kit developers.

Oracle will likely be issuing another unscheduled update in the coming days, as attackers have discovered and targeted yet another zero-day flaw in the Java platform.