In the Wake of the April patch days, the company provides Patches for nine Java vulnerabilities. One of the vulnerabilities allows itself without any interaction with a user, the injection of malicious code remotely. In its other products, Oracle closes again, 127 security flaws.
At its April patch Tuesday, Oracle has released an Update for Java SE. This includes nine vulnerabilities, of which the company four rated at least 9 out of 10 points. The ten-stage Common Vulnerability Scoring System (CVSS) is based. The security vulnerabilities allow you to Inject and Execute malicious code remotely in one case, this is even without interaction with a user.
Of the vulnerabilities in Java SE 6 Update 113, Java SE 7 Update 99, as well as Java SE 8 Update 77 for Windows, Mac OS X and Linux are affected. Java SE Embedded 8 Update 77 and JRockit Release 28.3.9 are vulnerable.
Oracle advises its customers to switch to the error-adjusted versions of Java SE 8 Update 91 or 92. Updates for Java SE 6 and 7, the company provides only for those customers who have purchased Java Support. The Patches are delivered via the Java Website, as well as automatic Update feature of Java for Mac OS X and Windows.
All in all, Oracle 136 fixes for vulnerabilities in its products. Fixes for different versions of Oracle database servers available. In Oracle Fusion Middleware 22 gaps were closed seven of the vulnerabilities are rated 9.8 points.
Also, users of Enterprise Manager Grid, the E-Business Suite, Supply Chain and Products should import the Oracle offered Patches. In addition, Oracle updates the PeopleSoft, Siebel, Sun system and JD Edwards products.
Most of the errors had to be in MySQL corrected. A total of 32 gaps are found in the versions 5.7.10, and 5.7.11 and earlier. Three of them can be exploited without authentication from the distance.
Basically, Oracle closes four times in the year, security vulnerabilities in its products. In January, there were in total, for example, 248. The next regular patch Tuesday, then place on 19. July.
[mit Material von Stefan Beiersmann, ZDNet.de]
Tip: Do you know the history of computer viruses? Check your Knowledge – with 15 questions on silicon.de