As part of its quarterly Critical Patch Update, Oracle has issued fixes for a total of 250 bugs. This comes hot in the heels of the keynote speech at Oracle OpenWorld given by Larry Ellison, co-founder of the multinational provider of database technology, enterprise software and cloud engineered systems.
While it is vital for software companies to issue fixes, responsibility for applying them quickly and effectively lies with the end user – only half of the organisations quizzed in a recent survey confirmed that they had a procedure in place for implementing security updates.
One of the most high-risk products in the Oracle stable is its widely-used E-Business Suite (EBS). The company issued three new patches to tackle vulnerabilities in versions 12.1 and 12.2 of Oracle EBS. Due to Structured Query Language (SQL) injection vulnerabilities, attackers could steal or interfere with user’s personal and financial data without even needing to know any log-in details.