Oracle just released a new Critical Patch Update, a collection of patches for multiple security vulnerabilities. The update also includes non-security fixes that are required by those security patches. Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible. This Critical Patch Update contains 85 new security fixes across all product families listed below.
Affected Products and Components
Security vulnerabilities addressed by this Critical Patch Update affect the following products:
Oracle Database 11g Release 2, version 11.2.0.1
Oracle Database 11g Release 1, version 11.1.0.7
Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4
Oracle Database 10g, Release 1, version 10.1.0.5
Oracle Fusion Middleware, 11gR1, versions 11.1.1.1.0, 11.1.1.2.0
Oracle Application Server, 10gR3, version 10.1.3.5.0
Oracle Application Server, 10gR2, version 10.1.2.3.0
Oracle BI Publisher, versions 10.1.3.3.2, 10.1.3.4.0, 10.1.3.4.1
Oracle Identity Management 10g, versions 10.1.4.0.1, 10.1.4.3
Oracle E-Business Suite Release 12, versions 12.0.4, 12.0.5, 12.0.6, 12.1.1 and 12.1.2
Oracle E-Business Suite Release 11i, versions 11.5.10, 11.5.10.2
Agile PLM, version 9.3.0.0
Oracle Transportation Management, versions 5.5, 6.0, and 6.1
PeopleSoft Enterprise CRM, FMS, HCM and SCM (Supply Chain), versions 8.9, 9.0 and 9.1
PeopleSoft Enterprise EPM, Campus Solutions, versions 8.9, 9.0 and 9.1
PeopleSoft Enterprise PeopleTools, versions 8.49 and 8.50
Siebel Core, versions 7.7, 7.8, 8.0 and 8.1
Primavera P6 Enterprise Project Portfolio Management, versions 6.21.3.0, 7.0.1.0
Oracle Sun Product Suite
Oracle VM, version 2.2.1
For more information, visit Oracle's page dedicated to these patches.
At the same time, Oracle released Java SE and Java for Business Critical Patch Update Advisory for October 2010. You can see the risk matrix and read about the patches over here.
To learn more about patching challenges and techniques read our interview with Qualys CTO Wolfgang Kandek who offers his extensive knowledge on the subject.






