Staggering 299 patches released spanning database, middleware, Peoplesoft and JD Edwards software
Oracle has released a mammoth security update that fixes a 299 products spread wide across the Oracle product portfolio.
The critical patch update contains fixes for Oracle’s core database software, as well patches for Fusion middleware, PeopleSoft and JD Edwards, as well as a host of other products.
It is thought to be the largest ever security patch update released by the software giant.
What should be concerning for the system administration team is that Oracle describes these patches as critical.
“Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay,” it said.
And over 100 of these 299 fixes are for vulnerabilities that are remotely exploitable without authentication.
Oracle Financial Services Applications took the lion’s share of the patches with 47 vulnerabilities patched.
Next up was Oracle Retail Applications and Oracle MySQL, both of which have 39 fixes.
Somewhat surprisingly, notorious insecure Java only has 8 security fixes.
Whatever happens, it promises to be a long night for the unfortunate system admin responsible for patching Oracle systems.
And to give an idea of how big this patch update actually is, Oracle acknowledged over 70 security researchers for help identifying weaknesses.
It comes after Oracle began 2017 with its largest update ever, fixing 270 vulnerabilities across a range of products and service.
Meanwhile it has been a busy period for the software giant in areas other than security.
This week for example Oracle partnered with container platform Docker to make its databases, middleware and developer tools available in the Docker Store marketplace.
And despite the firm recently posting a 50 percent increase in revenue for its cloud business, it is still reportedly planning to cut up to 1,800 jobs as part of its continuing move away from hardware into software and cloud-based services.