Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Oracle Patches 36 Bugs, Risk Ranked At '10'

Oracle Corp. on Tuesday released its quarterly patch batch, plugging 36 vulnerabilities in several of its products, including the flagship Oracle Database.

Although the number of fixes may seem high, it's actually less than half of the last Oracle bunch, which counted 82 fixes.

Oracle's Critical Patch Update (CPU) for April contains 14 patches that fix the three-dozen flaws, several of which the company said could be easily and broadly exploited. Most of the bugs could be attacked remotely.

Although Oracle doesn't use a ranking system similar to Microsoft's or Apple's that detail the most critical vulnerabilities, in a separate alert to its customers security giant Symantec rated the urgency of patching as "10," its highest ranking. Danish vulnerability tracker Secunia, meanwhile, tagged the CPU as "Highly critical," its second-from-the-top rating.

"Several of these vulnerabilities are significant, and should be patched as soon as possible," Symantec wrote to subscribers of its DeepSight Threat Management System. "No workarounds for these issues have been published by Oracle."

  • 1