Oracle Patches 254 Flaws With April 2018 Update (Nearly half of the bugs are remotely exploitable)

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Oracle’s Critical Patch Update (CPU) for April 2018 contains 254 new security fixes, 153 of which address vulnerabilities in business-critical applications.

A total of 19 products received security updates in this CPU, including E-Business Suite, Fusion Middleware, Financial Services Applications, Java SE, MySQL, PeopleSoft, Retail Applications, and Sun Systems Products Suite. Nearly half of the bugs are remotely exploitable.
Forty-two of the security holes addressed this month were assessed with a Critical severity rating, with the most severe of them featuring a CVSS score of 9.8. Affected products include Fusion Middleware, Financial Services, PeopleSoft, EBS, and Retail Applications.
Fusion Middleware received 39 patches, the largest number an Oracle product received this month. Thirty of the vulnerabilities may be remotely exploitable without authentication, the software giant explains in its advisory.

Next in line comes Financial Services Applications, with 36 vulnerabilities patched (18 of which may be remotely exploitable without authentication), followed by MySQL at 33 flaws (2 remotely exploitable) and Retail Applications at 31 bugs (27 remotely exploitable).
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top