Oracle is set to patch a massive 81 vulnerabilities this Tuesday – more than Microsoft’s record 49 flaws due to be fixed on the same day.
Microsoft announced its biggest ever Patch Tuesday last week with 16 bulletins, four of which have been rated critical, where the flaws could lead to remote code execution.
Some of the security holes in Oracle's products are serious enough as to allow remote exploitation without the need for a username or password.
A total of 31 out of the 81 vulnerabilities are in the Oracle Sun Products Suite and 16 of these “may be remotely exploitable without authentication,” according to an advisory from the tech giant.
The most serious vulnerability being addressed in the update is one affecting Solaris Scheduler, Oracle explained.
Seven security fixes have been announced for the Oracle Database Server as well, one of which will address a vulnerability that could allow for remote exploitation without authentication.
“Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible,” the firm said.
“While this pre-release announcement is as accurate as possible at the time of publication, the information it contains may change before publication of the Critical Patch Update Advisory.”
This article originally appeared at itpro.co.uk
Copyright © ITPro, Dennis Publishing
Issue: 315 | May 2013
Access CRN's extensive online resources including; email bulletins, community discussions and unique online news.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can log on to the CRN website or start posting comments on articles.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain '@crn.com.au' to your white-listed senders.