Oracle Patches 230 Vulnerabilities With April 2024 CPU

Share This Post

Oracle on Tuesday announced 441 new security patches as part of its April 2024 Critical Patch Update. More than 200 of them address flaws that can be exploited by remote, unauthenticated attackers.

SecurityWeek has identified roughly 230 unique CVEs in Oracle’s April 2024 CPU. More than 30 security patches address critical-severity vulnerabilities.

Oracle Communications received the largest number of security patches this month, at 93. Of these, 71 address bugs that are remotely exploitable, without authentication.

Next in line are Fusion Middleware (51 security patches – 35 addressing remotely exploitable, unauthenticated issues), Financial Services Applications (49 – 30), and E-Business Suite (47 – 43).

Numerous patches were also released for MySQL (36 patches – 9 for vulnerabilities exploitable remotely, without authentication), Systems (22 – 16), Communications Applications (14 – 10), Java SE (13 – 10), Virtualization (13 – 1), Analytics (12 – 5), Enterprise Manager (11 – 7), PeopleSoft (10 – 5), and Retail Applications (10 – 9).

Other Oracle products that received security patches this month include Database Server, Commerce, Construction and Engineering, Insurance Applications, Supply Chain, Support Tools, Food and Beverage Applications, HealthCare Applications, Utilities Applications, Hyperion, Hospitality Applications, Health Sciences Applications, Autonomous Health Framework, Big Data Spatial and Graph, Global Lifecycle Management, and GoldenGate.

The patches for some of these applications address additional security defects as well and some of them resolve multiple non-exploitable flaws. Oracle has released separate fixes for vulnerabilities that impact multiple applications.

Oracle customers are advised to apply the patches as soon as possible.

Advertisement. Scroll to continue reading.

“It has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay,” the tech giant notes.

On Tuesday, Oracle also announced the release of 13 new security patches for third-party components in the Solaris operating system, 71 new patches for Oracle Linux, and 3 new security patches for the Oracle VM Server for x86.

Related: Oracle Patches 200 Vulnerabilities With January 2024 CPU

Related: Oracle Patches 185 Vulnerabilities With October 2023 CPU

Related: Oracle Releases 508 New Security Patches With July 2023 CPU

This post was originally published on this site

More Articles
Article

Navigating SEC Regulations In Cybersecurity And Incident Response

Free video resource for cybersecurity professionals. As 2024 approaches, we all know how vital it is to keep up to date with regulatory changes that affect our work. We get it – it’s a lot to juggle, especially when you’re in the trenches working on an investigation, handling, and responding to incidents.
Article

BFU – Seeing is Believing

Oh no, the device is in BFU. This is the common reaction; a device needs extracting, and you find it in a BFU state. Often, there’s an assumption that a BFU extraction will only acquire basic information, but that isn’t always the case.

Report

Harassment or bullying behavior
Contains mature or sensitive content
Contains misleading or false information
Contains abusive or derogatory content
Contains spam, fake content or potential malware

Block Member?

Please confirm you want to block this member.

You will no longer be able to:

  • See blocked member's posts
  • Mention this member in posts
  • Invite this member to groups
  • Message this member
  • Add this member as a connection

Please note: This action will also remove this member from your connections and send a report to the site admin. Please allow a few minutes for this process to complete.

Report

You have already reported this .