IT managers face a barrage of security updates this week, after both Microsoft and Oracle released a range of issues and fixes on Tuesday.
Microsoft's patches appeared overnight for UK firms, and range from 'critical' to 'important'. IT managers who have waited a year to see an infamous ActiveX vulnerability plugged will be relieved to see that a fix for that issue has been included, along with others that prevent remote code execution and could contribute to botnet infections and denial of service attacks.
However, Microsoft's release of six patches for nine vulnerabilities pales into insignificance when compared to the 30 vulnerability fixes from Oracle.
"Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply the fixes as soon as possible. This Critical Patch Update contains 30 new security fixes across all products," the firm said.
Ten of the fixes apply to Oracle databases, and 20 to applications.
Monthly patch updates were designed in part to make it easier for firms to manage their security cycles, but the system has its critics.
Andrew Clarke, senior international vice president at Lumension, said that the range and complexity of the fixes left companies ripe for exploitation.
"With this month's Patch Tuesday, nearly every popular web browser (Microsoft, Apple, Mozilla and Google) required some form of immediate attention, leaving IT departments scrambling to install a patch or workaround to deal with potentially significant issues," he said.
Microsoft was also criticised for not releasing a fix for all currently identified problems in its latest security patches.
"Despite today's fixes, Windows users continue to be under attack. McAfee has recently seen new attacks that exploit the unpatched Office Web Components vulnerability," said Dave Marcus, director of security research and communications at McAfee Avert Labs.
"The attacks involve booby-trapped web sites that load malicious code onto a vulnerable computer. The compromised PCs are commandeered and join a network of hijacked computers."
Wolfgang Kandek, chief technology officer at Qualys, commented on the severity of the patches, and urged firms to update systems as soon as possible.
"These three advisories should be addressed immediately, as they allow the attacker to fully control the victim's computer," he said.
IBM and Technical University of Munich team demonstrate how Shor's algorithm, which can't be cracked by conventional computers, can be solved quickly with quantum computing
Hubble Space Telescope finds superflares from young red dwarfs could strip away planetary atmosphere
Younger stars are 100 to 1,000 times more energetic than when they're older
Two of the big four supermarkets will use the system to control sales of restricted products
PUBG news and updates: November's Update #23 to bring new Skorpion pistol and changes to blue zone visibility
Genuinely useful side-arm coming to PUBG in Update #23