google-site-verification: google30a059f9a075f398.html

long-waited Oracle Fixes 237 Vulnerabilities in January Critical Patch Update

CyberWisdom Safe Harbor Commentary:

What is most likely to be an overlooked story from eweek.com revealed a long waited Oracle released a major patch update in January, fixing 237 vulnerabilities in the company’s product portfolio. The update was released on January 16, with attackers who cryptocurrency miner targeting Oracle in its October 2017 CPU patch vulnerability.

The January 2018 CPU addresses a number of security vulnerabilities, including security vulnerabilities affecting databases, middleware, Java, PeopleSoft, Siebel and E-Business Suite applications. In particular, Oracle’s January CPU includes patches for the Meltdown (CVE-2017-5754) and Specter (CVE-2017-5753 and CVE-2017-5715) processor vulnerabilities announced on January 3.

Other issues that Oracle patched in January’s CPU include a couple of key vulnerabilities in the Oracle E-Business Suite (EBS) reported by security firm Onapsis (CVE-2018-2655 and CVE-2018-2656). EBS defects can be remotely exploited without user authentication. According to Onapsis, an attacker can execute arbitrary queries in the database to obtain or modify private information.

Read more…

Your registration with Eweek will include the following free email newsletter(s): News & Views By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features. By clicking on the “Register” button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms. In its first security update of 2018, Oracle releases patches for the Meltdown and Spectre processor vulnerabilities. Oracle has released its January Critical Patch Update, fixing 237 vulnerabilities across the company’s product portfolio. The update, released on Jan. 16, comes as cryptocurrency miner attackers take aim at vulnerabilities that Oracle patched in its October 2017 CPU. The January 2018 CPU addresses myriad security vulnerabilities, including ones affecting database, middleware, Java, PeopleSoft, Siebel and E-Business Suite applications. Of particular note, Oracle’s January CPU includes patches for the Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715) processor vulnerabilities that were disclosed on Jan. 3. Other issues patched by Oracle in the January CPU include a pair of critical vulnerabilities… Engaging post, Read More…

thumbnail courtesy of eweek.com.

If you like to receive more of these curated safe harbor news alerts then subscribe to my mailing list. and come back soon at https://www.safeharboroncyber.com/Blog/ to read further CyberWisdom Safe Harbor Commentaries. Home » Curated SafeHarboronCyber’s CyberWisdom Post » long-waited Oracle Fixes 237 Vulnerabilities in January Critical Patch Update