View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
October 17, 2013

Oracle’s critical patch update includes 127 fixes across product line

About 51 of the issued fixes are solely meant for Java.

By CBR Staff Writer

Oracle has released its latest Critical Patch Update (CPU) and includes 127 security fixes across its product line, with 51 of them exclusively for Java application.

The update also includes fixes for other Oracle products including the E-Business Suite, MySQL and the Primavera Products Suite.

Out of the total 51 fixes for Java, 50 were intended for Java Applets and Java WebStart, which are used when users run applications in web browser.

About 12 of total vulnerabilities being patched can be exploited, while others can access a network without authentication.

Qualys CTO Wolfgang Kandek said that the majority of vulnerabilities are concentrated on desktop or laptop deployments, with the most common attack vector being web browsing and malicious web pages.

"The new version is Java 7 update 45, and you should update as quickly as possible on your desktop and laptop machines," Kandek said.

"Java 6 is also vulnerable to 11 of the 12 highly critical vulnerabilities, but there are no more public patches for Java 6.

Content from our partners
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape
Green for go: Transforming trade in the UK

"The recommended action for Java 6 here is to upgrade to Java 7 if possible. If you cannot upgrade, I would recommend to isolate the machine that needs Java 6 running and not use it for any other activities that connect it to the Internet, such as e-mail and browsing."

The remaining 76 flaws enable remote unauthenticated access for the hackers, which are critical on applications that are open to the internet.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU