Oracle is preparing to patch 37 security vulnerabilities next Tuesday as part of its quarterly patch release cycle.
The updates span all of Oracle's enterprise applications, ranging from its database software to the Oracle, JD Edwards, Peoplesoft and Siebel enterprise applications. Seven of the vulnerabilities can be remotely exploited by an attacker without the need for a username or password.
The severity of the vulnerabilities ranges from a Common Vulnerability Scoring System (CVSS) score of 1.4, or very minor, to 7.0, the system's highest threat level.
Oracle's previous patch was issued in January and plugged 52 vulnerabilities. That update was the first to be preceded by an advance warning. The company expects that issuing advance warnings will give system administrators more time to prepare for the updates.
Oracle moved to a quarterly update system in 2004 in hopes that less-frequent patch releases would ease the burden on IT departments charged with installing and testing the updates.
The company came under fire late last year from security experts who claimed that avenues for attack in the Oracle software are plentiful and easy to find. Experts have also been critical of the way Oracle handles vulnerability disclosures and security fixes.
Some parts of Atacama have not received rainfall for 500 years - but a sudden deluge of water upset the Desert's delicate biological balance
Spitzer Space Telescope could not spot Oumuamua, suggesting that it is actually pretty small
Greenland crater one of the 25 largest impact craters on Earth
This long-sought progenitor star was identified in an image captured by Hubble in 2007