Oracle released a massive critical patch update earlier this week consisting of 402 patches for vulnerabilities across 29 product sets. This marks the second quarter this year that Oracle’s critical patch update (CPU) contained more than 400 fixes. The vulnerabilities fixed this quarter include several issues that would allow for a cybercriminal to execute a remote attack without authentication. 18 vulnerabilities within Oracle’s core database technology were addressed in the CPU, sixteen of which are remotely exploitable.
The CPU includes patches for product sets such as REST Data Services, Communications Apps, Enterprise Risk Manager, Financial Services Apps, Oracle Big Data Graph, and 23 others. 46 patches were released for Oracle Fusion middleware, 36 of which are remotely exploitable over the network, without user authentication. Oracle urges its customers to implement the patches as soon as possible to avoid the heightened risk of attack.
Read More: Oracle Releases Another Mammoth Security Patch Update