Oracle Quarterly Patch Release Fixes Java Flaws

Oracle’s security update pattern is shifting a little since it absorbed Sun Microsystems and its product portfolio. The database giant is now responsible for issuing patches for both product lines, and this week it’s out with a big release.

As the calendar worked out, Oracle’s quarterly Critical Patch Update (CPU) and its CPU for Java happened to coincide, so the firm this week released dozens of fixes for an array of vulnerabilities, including many deemed critical. For instance, Oracle rushed to issue patches for vulnerabilities in Java SE and Java for Business that could be used to perpetrate “drive-by download” attacks. eSecurity Planet has the details.

Oracle is out this week with its quarterly Critical Patch Update (CPU) fixing software vulnerabilities across its database, middleware, Siebel, PeopleSoft and Sun product groups.

With the October CPU, Oracle is also providing a Critical Patch Update for Java, as well, which is usually not the norm for Oracle. The timing of both the Java and regular Oracle CPU updates just happened to coincide at the same point this time around.

Read the full story at eSecurity Planet:

Oracle Plugs Java for Drive-by Downloads with October CPU

News Around the Web