Oracle has released its largest set of security fixes to patch 276 vulnerabilities in the firm's enterprise software. Nineteen of the fixes are rated 9.8 out of 10 for severity and will need the immediate attention of IT managers.
July's patches from Oracle outdo the company's previous record of 248 in January.
Enterprise software security company ERPScan said that most of the fixes relate to Oracle's Fusion Middleware and Oracle Sun Systems Products Suite, but 36 address vulnerabilities in industry-specific ERP systems.
This includes 10 that can be exploited remotely without authentication, making them particularly dangerous, and 16 affecting the retail sector.
More than 40 per cent of the patches are intended to fix flaws in Oracle's various enterprise resource planning applications, including Oracle E-Business Suite, Oracle Fusion Middleware, Oracle PeopleSoft, Oracle Retail Applications, Oracle JD Edwards, Oracle Supply Chain Products and Oracle Database Server.
But the most critical problems, rated 9.8 out of 10 according to Oracle's own risk matrices, affect Oracle WebLogic Server, Oracle Director Server (enterprise edition), Hyperion Financial Reporting, Oracle Health Sciences Clinical Development Centre and Oracle Secure Global Desktop.
ERPScan said in a security blog post that the WebLogic Server vulnerability is "easily exploitable", and enables an unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server.
Similar attacks affect Directory Server, Oracle Health Sciences and the Hyperion Financial Reporting package.
The Oracle Secure Global Desktop, meanwhile, suffers from an "easily exploitable" vulnerability that allows an unauthenticated attacker with network access via SSL/TLS to compromise Oracle Secure Global Desktop.
"Successful attacks of this vulnerability can result in takeover of Oracle Secure Global Desktop," said ERPScan.
"It is highly recommended that organisations patch all these vulnerabilities to prevent business risks affecting their systems.
"Companies providing Oracle Security assessment and Oracle Penetration testing services should include these vulnerabilities in their check lists."
Acton's warnings come as Facebook is embroiled in one of the biggest data scandals in history
The unmanned tanks could eventually be kitted with AI systems
Dubbed I-MacEtch, it will help meet demand for more powerful nano-tech
GPU firm's research unit for self-driving cars is growing