Oracle has released its largest set of security fixes to patch 276 vulnerabilities in the firm's enterprise software. Nineteen of the fixes are rated 9.8 out of 10 for severity and will need the immediate attention of IT managers.
July's patches from Oracle outdo the company's previous record of 248 in January.
Enterprise software security company ERPScan said that most of the fixes relate to Oracle's Fusion Middleware and Oracle Sun Systems Products Suite, but 36 address vulnerabilities in industry-specific ERP systems.
This includes 10 that can be exploited remotely without authentication, making them particularly dangerous, and 16 affecting the retail sector.
More than 40 per cent of the patches are intended to fix flaws in Oracle's various enterprise resource planning applications, including Oracle E-Business Suite, Oracle Fusion Middleware, Oracle PeopleSoft, Oracle Retail Applications, Oracle JD Edwards, Oracle Supply Chain Products and Oracle Database Server.
But the most critical problems, rated 9.8 out of 10 according to Oracle's own risk matrices, affect Oracle WebLogic Server, Oracle Director Server (enterprise edition), Hyperion Financial Reporting, Oracle Health Sciences Clinical Development Centre and Oracle Secure Global Desktop.
ERPScan said in a security blog post that the WebLogic Server vulnerability is "easily exploitable", and enables an unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server.
Similar attacks affect Directory Server, Oracle Health Sciences and the Hyperion Financial Reporting package.
The Oracle Secure Global Desktop, meanwhile, suffers from an "easily exploitable" vulnerability that allows an unauthenticated attacker with network access via SSL/TLS to compromise Oracle Secure Global Desktop.
"Successful attacks of this vulnerability can result in takeover of Oracle Secure Global Desktop," said ERPScan.
"It is highly recommended that organisations patch all these vulnerabilities to prevent business risks affecting their systems.
"Companies providing Oracle Security assessment and Oracle Penetration testing services should include these vulnerabilities in their check lists."
IBM and Technical University of Munich team demonstrate how Shor's algorithm, which can't be cracked by conventional computers, can be solved quickly with quantum computing
Hubble Space Telescope finds superflares from young red dwarfs could strip away planetary atmosphere
Younger stars are 100 to 1,000 times more energetic than when they're older
Two of the big four supermarkets will use the system to control sales of restricted products
PUBG news and updates: November's Update #23 to bring new Skorpion pistol and changes to blue zone visibility
Genuinely useful side-arm coming to PUBG in Update #23