Showing posts with label oracle. Show all posts
Showing posts with label oracle. Show all posts

Tuesday, April 15, 2014

Oracle Going To Check 30 Vulnerabilities In Java

Java Update
Four weeks after the release of Java 8; the first patches are available to check the vulnerabilities and this time there are more security threats blocked. There are around 37 gaps, it the highest danger level encountered by Oracle. Today, on April 15, 2014 will publish extensive patches for Java Oracle.

In the software, which was recently published in Issue 8, there are four more across the supported versions, 37 holes, 35 of which can be used from a distance. Oracle classifies all vulnerabilities in its software on a scale of 1 to 10, at least one of Java vulnerabilities carries the highest risk level of 10 in the scale. Oracle does not specify; How many out of the 37 errors are so serious.

The patches appear for "Java Platform and Standard Edition”, just Java SE, in the versions 5.0u61, 6u71, 7u51 and 8 similarly, there are updates for Java SE Embedded, JRockit and JavaFX. In each of the packages, one of the 37 gaps stuck, more precisely, Oracle has not been described about the errors in detail. However, the company indicated generally the update as critical. Many other Oracle products, the company updated with the upcoming patch day.

So there are 2 patches for the database server, but the resulting closed gaps cannot be exploited remotely it seems. There are about 13 gaps in the Oracle Fusion customer’s side but that is the case, there are a total of 20 patches for this software.

Also in Oracle MySQL insert 14 security bugs, two of which could be used remotely. In this case, however, the risk level is less it seems, unlike the previous Java 6.5.

Further updates are available for the Sun Systems Products Suite, Siebel CRM, Hyperion and PeopleSoft. A summary of all patches listed in Oracle to the exact nature of the error but there are no security advisories.

Friday, October 18, 2013

Oracle releases 127 security fixes, 51 for Java alone

Oracle releases security fixes

Oracle released a major security package that includes, 51 Java vulnerabilities among other things. Hence the experts strongly advise to update. Regularly new vulnerabilities appear in the Java Runtime Environment.

Some of them are extremely critical: Even the Federal Office for Security in Information Technology warns occasionally before using the software. More important is that the developers fill in the gaps as quickly as possible.

A new security package fixes 127 errors in Oracle products - only 51 of them relate to Java. The targets are almost all in applets or Web Start and Java Plug-in in your browser. The vulnerabilities can be exploited over the Internet - without you actually realizing it.

Therefore, it is particularly important to update Java. First check which version of Java is installed on your PC. Use to check the version of Oracle. With Java 7 Update 45 you are up to date with the latest versions which pluck the holes. Updates usually take over the Java Control Panel. There you can also set whether to automatically update Java in the future.

 The Control Panel is launched via the javacpl.exe in your Java installation bin directory. If you do not need Java to the remove or disabling of the program recommends. However, the software is used in many places: about booking of seats in the cinema or in the bank.

Saturday, July 20, 2013

Oracle launches 89 patches

On the occasion of its Critical Patch Update, the editor corrects mass, including pourFusion, MySQL and Solaris. As usual, Oracle does not do things by half during its quarterly security. This time, it is not less than 89 patches that are available to address a multitude of flaws in its various products. Nearly half of these patches are considered critical, they fix vulnerabilities that can allow a takeover by a remote attacker. Oracle therefore recommends immediate updates. MySQL products particularly Solaris operating system are particularly spoiled with 33 patches. For the first, the most critical vulnerabilities affect the XML parser and the Outside In particular component used by Microsoft Exchange Server. For the second, they patched the holes in the TCP / IP and iSCSI protocol management. They also retain 21 patches (including 16 critical) for Fusion Middleware. Oracle Enterprise Manager Database families, Hyperion, E-Business and PeopleSoft are also concerned. Recall that the editor said earlier this year that the updates for Java will now be monthly from October. Meanwhile, the general public must now juggle; updates are available almost daily to protect their Web browsers zero-day vulnerabilities.