Oracle Announces patches for 36 holes in Java SE 72014-03-21 | Comebuy News
Oracle has announced for Tuesday a security update for Java SE 7. It should address 36 vulnerabilities. 34 of them can be out according to the company from a distance and without entering credentials.
Overall, Oracle's January patch day brings 144 fixes for 47 products. Some of the vulnerabilities affect multiple products, so that the actual number of vulnerabilities - the Oracle made no details--is lower. Except for the gaps in Java you can abuse 47 holes to inject and execute malicious code.
Also Oracle database are incorrect 11 g and 12 c, containers for J2EE, enterprise data quality and forms and reports in addition to Java SE 11 g and 12 c, Fusion Middleware 11 g. More gaps into GlassFish server, Sun Java application server, HTTP Server 11 g and 12c, E-Business Suite 11i and 12i, multiple PeopleSoft products, Siebel core and Siebel life sciences, Solaris, VirtualBox and MySQL server and Enterprise Monitor. A complete list can be found on the Oracle Web site.
Oracle will release the patches, as well as Microsoft and Adobe, in the course of Tuesday. Probably Apple will as last also promptly provide a Java Update for Mac OS X. In contrast to Adobe and Microsoft, Oracle closes only four times in the year of security vulnerabilities in its products. The next patch day will take place on April 15, 2014.
At Microsoft, only a mini patch day is on the agenda on Tuesday. The company wants to eliminate an unspecified number of vulnerabilities with four updates. None of them is classified as critical. Adobe improved the security of its users with new versions of reader and Acrobat. Perhaps it will provide but also fixes for other products.
[with material by Larry Seltzer, ZDNet.com]
Tip: You are familiar with operating systems? Test your knowledge? with 15 questions on ITespresso.de.