January 27th, 2010 . by DarkFiber Consulting
Oracle has released its Critical Patch Update for January 2010 to address 24 vulnerabilities across several products. This update contains the following security fixes:
- 10 for Oracle Database
- 3 for Oracle Application Server
- 3 for the Oracle Applications Suite
- 1 for PeopleSoft and JD Edwards Suite
- 5 for the BEA Products Suite
- 2 for the Oracle Primavera Products Suite
DarkFiber Consulting encourages users and administrators to review the January 2010 Critical Patch Update and apply any necessary updates to help mitigate the risks. Additional information can be found in DarkFiber Consulting Technical Cyber Security Alert TA10-012A.
May 9th, 2009 . by DarkFiber Consulting
Oracle has released their Critical Patch Update for April 2009 to address 43 vulnerabilities across several products. This update contains the following security fixes:
- 16 updates for Oracle Database Server
- 12 updates for Oracle Application Server
- 3 updates for Oracle Applications
- 4 updates for Oracle PeopleSoft and JDEdwards Suite
- 8 updates for BEA Products Suite
DarkFiber Consulting encourages users and administrators to review the April Critical Patch Update and apply any necessary updates.
July 29th, 2008 . by DarkFiber Consulting
Oracle has released a Security Advisory to address a vulnerability in the WebLogic plug-in for Apache. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to compromise the confidentiality or integrity of WebLogic Server applications or cause a denial-of-service condition. The advisory indicates that exploit code for this vulnerability is publicly available.
DarkFiber Consulting encourages users to review the Oracle Security Advisory and implement the workarounds listed in the document to help mitigate the risks. At this time, a patch or update is not available.
DarkFiber Consulting will provide additional information as it becomes available.