The company recommends that system administrators stay on the lookout for the release of update patches
During its January update, the Oracle data management system announced that patches will be included to correct 248 new vulnerabilities present in multiple protocols, from the popular Oracle Database System to Solaris, Java and MySQL, as reported by network security experts from the International Institute of Cyber Security.
The vulnerabilities were found in multiple components of various Oracle products and, as it has become a regular behavior with each update, the list of affected products grows more and more.
According to experts in network security, among the products most affected by these security failures are:
- Oracle Fusion Middleware, with 62 vulnerabilities, 57 are exploitable remotely
- Oracle Communications, with 33 vulnerabilities, 29 exploitable remotely and without authentication
- An update on Oracle People Soft to solve 20 security problems, 15 of them exploitable remotely
- Oracle E-Business, with 16 exploitable vulnerabilities remotely
- Oracle retail applications with 15 exploitable vulnerabilities without authentication
- Oracle Sun Systems, with 11 new vulnerabilities
- Oracle Enterprise Manager, with 9 exploitable remote vulnerabilities by users without authentication
- Oracle virtualization, product that presented 30 security bugs (4 of them exploitable remotely) corrected with a single update patch
Network security experts recommend that sysadmins check the severity of the reported bugs, as well as search for the availability of update patches according to the user. All the information that users require to consult is available on the Oracle official support page.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.