IT administrators could be busy next Tuesday, after enterprise software giant Oracle announced a major monthly patch update, with 24 new security vulnerability fixes set to be released across hundreds of its products.
The news comes just days after Microsoft announced that it would be starting the year with one of its smallest Patch Tuesday releases ever - just one patch to fix a critical vulnerability in Windows 2000.
Oracle has listed 10 fixes for vulnerabilities in the Oracle Database, two of which may be remotely exploited without authentication, and three fixes for the Oracle Application Server.
Also at risk are the Oracle Applications Suite, with three new security fixes, the PeopleSoft and JD Edwards Suite, Primavera Products Suite, and BEA Products Suite, which has five new fixes lined up.
The highest CVSS 2.0 base score for vulnerabilities in this Critical Patch Update is 10.0 for vulnerabilities affecting Listener for Oracle Database Server, Oracle Secure Backup and Oracle JRockit, said the firm.
"This Critical Patch Update contains 24 new security vulnerability fixes across hundreds of Oracle products. Some of the vulnerabilities addressed in this Critical Patch Update affect multiple products," noted a pre-release announcement by Oracle.
"Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible."
Why does Facebook store "my entire call history with my partner's mum", asks developer who requested his Facebook data
Facebook database included text-message metadata - despite not using Facebook Messenger for SMS
Before Ocado could start selling the technology it had developed to other retailers, it had to tear down and rebuild its own monolithic architecture
Successful attack could result in harm to patients and financial loss, warns NHS governing body
Guccifer 2.0 claimed to be a lone Romanian hacker - until a schoolboy error gave him, her or them away