Home > Cyber News > Oracle Has Fixed 270 Security Flaws in Its Products

Oracle Has Fixed 270 Security Flaws in Its Products

Oracle’s first quarterly critical dose of patches has been released. Customers are compelled to apply all of the 270 fixes to the corresponding products.

Oracle Has Issued 270 Fixes

The vast update includes products like Oracle Database Server, Oracle Enterprise Manager Grid Control, Oracle E-Business Suite, Oracle Industry Applications, Oracle Fusion Middleware, Oracle Sun Products, Oracle Java SE, and Oracle MySQL. The big number should not scare you – last July the critical bunch contained 276 fixes. All customers should consider applying the updates immediately, “without delay”. It’s a largely known fact that attacks happen successfully because targets had failed to apply patches on time.

According to security experts at Qualys, more than 100 of the fixed issues in the update could be used in remote attacks, without the need of credentials.

More particularly, the updates for Oracle’s FLEXCUBE financial applications comprise 20 percent of the bunch, alongside updates for Oracle Applications, Fusion Middleware, MySQL, and Java. Other significant updates concern Oracle retail apps and PeopleSoft. 16 out of the 17 Java flaws could be exploited remotely without user credentials. Five of the 27 MySQL bugs are also prone to remote exploitation.

MySQL has the highest number of CVE vulnerabilities for the past five years. There’s a steady growth in those flaws between 2015 and 2016, the company has reported. There are fixes for Oracle’s retail apps, such as one for MICROS, the well-known POS systems. More precisely, a bug in the MICROS Lucas system (one of two) doesn’t require authentication and could be exploited remotely via the Web. The other remote bug concerns Oracle Retail Order Broker.

That’s not that surprising at all as PoS systems have become primary targets for PoS for specifically designed malware attacks aiming at credit cards.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree