Oracle has released a huge cache of fixes across its product suites, patching 193 security vulnerabilities affecting software components.
The Oracle Critical Patch Update Advisory - July 2015 includes 25 security fixes for Java, 23 of which may be remotely exploitable. It also fixes a zero-day vulnerability in Java, the first discovered in nearly two years.
Unlike in recent patches from Microsoft and Adobe, the Java flaw was not found as a result of the Hacking Team data leak.
The vulnerability has instead been linked to Operation Pawn Storm hackers, a group that targets government, media and military organisations in the US, Pakistan and Europe.
Security experts at Trend Micro discovered the zero-day vulnerability through suspicious URLs hosting the Java bug as part of an ongoing investigation into Pawn Storm.
"Based on our investigation, the latest Java version 22.214.171.124 is affected. Older versions, Java 1.6 and 1.7, are not affected by this zero-day exploit," Trend said.
Bharat Mistry, a cyber security consultant at Trend Micro, told V3 that zero-day exploits can be extremely costly to companies depending on the severity of the security gap. He added that more exploits will soon be discovered based on the sheer volume of data leaked from Hacking Team.
Oracle's Business Suite received 13 fixes, while there were seven for Oracle Supply Chain Suite, eight for PeopleSoft Enterprise and two for Oracle Commerce Platform.
The update also addressed 25 vulnerabilities in Oracle Berkeley DB, none of which are remotely exploitable without authentication.
Oracle has warned about the threats companies face if they do not update their products.
"In some instances, it has been reported that malicious attackers have been successful because customers had failed to apply available Oracle patches," the firm said.
"Oracle therefore strongly recommends that customers remain on actively supported versions and apply Critical Patch Update fixes without delay."
Microsoft released several patches in the July Patch Tuesday update, fixing critical bugs in Internet Explorer and Adobe Flash that emerged after the Hacking Team data leak.