Oracle Releases Fixes for 270 Vulnerabilities
Update Now!
Update Now!
It is important to update any Oracle products you may have (personally, or network admins for their business computers). Oracle has released their January 2017 security bulletin recently, to which addressed 270 vulnerabilities patched.
The severity of this is noted by Oracle, and they warn consumers as follows:
Oracle Critical Patch Update - 2017 wrote:Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.
Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible. Until you apply the CPU fixes, it may be possible to reduce the risk of successful attack by blocking network protocols required by an attack. For attacks that require certain privileges or access to certain packages, removing the privileges or the ability to access the packages from users that do not need the privileges may help reduce the risk of successful attack. Both approaches may break application functionality, so Oracle strongly recommends that customers test changes on non-production systems. Neither approach should be considered a long-term solution as neither corrects the underlying problem.