Oracle is out this week with its July critical patch update (CPU), patching at least 78 different vulnerabilities across all of its various product lines. Oracle’s last CPU came out in April fixing 73 vulnerabilities.
Topping the list of vulnerabilities by category is the Oracle-Sun product suite which is being fixed for 23 issues. Oracle Enterprise Manager Grid Control is being patched for 18 security issues while Oracle’s Database Server is being fixed for 13 flaws. Rounding out the list of flaws are seven flaws that are being fixed for Oracle’s Fusion middleware.
While the diversity in products might make the CPU manageable for some, Amichai Shulman CTO of security vendor Imperva has some concerns about how Oracle actually ranks and rates vulnerabilities.
In an email sent to InternetNews.com, Shulman noted that for this release and, historically, Oracle’s security scoring clearly doesn’t always reflect the true operational risk.