Oracle will release a raft of patches tomorrow

ENTERPRISE VENDOR Oracle is gearing up to release a critical update tomorrow.

The firm explained that its critical update is a collection of patches to fix a number of security vulnerabilities. This is its first of the year and includes fixes for no less than 78 flaws across its full range of products.

Oracle said, "While this pre-release announcement is as accurate as possible at the time of publication, the information it contains may change before publication of the Critical Patch Update Advisory."

Oracle admitted that 16 of the vulnerabilities could be exploited remotely over a network without the need for authentication with a user name and password. This includes one vulnerability associated with Oracle's database server.

With cyber attacks being all the rage at the moment, Oracle has warned customers to install the updates as soon as possible to minimise risks.

The software that will get the most fixes is Mysql Executive Summary, which has 27 to its name. However, the package with the highest common vulnerability scoring system (CVSS) 2.0 base score for vulnerabilities is the Sun Products Suite Executive with a score of 7.8, containing 17 fixes.

The lowest CVSS 2.0 score is 3.7 for Oracle Virtualization Executive, which will get fixes for three vulnerabilities.

Wolfgang Kandek, CTO of security firm Qualys said, "Only Peoplesoft and the virtualization products are not affected by this critical rating - everybody else should pay close attention to the release next Tuesday." µ