Oracle plugs 51 security flaws

As part of its quarterly patch cycle, company on Tuesday released fixes for vulnerabilities that affect many of its software products.

Oracle on Tuesday released fixes for 51 vulnerabilities that affect its software products.

The update is part of the Redwood City, Calif., company's quarterly patch cycle. Oracle preannounced its patch release Thursday, when, for the first time, it published an advance notification so customers could plan ahead to apply the fixes.

Oracle's actual Tuesday "Critical Patch Update" has one fix less than the company originally announced. Instead of the planned 27 fixes for its database products, 26 vulnerabilities are addressed in the company's flagship software.

"An issue was detected with one of the database fixes for a number of database versions," Eric Maurice, manager for security at Oracle, wrote on a corporate blog. "Per our policy?we removed the fix from the January CPU. We are working to resolve this issue to release the fix on all supported database versions with the next CPU in April."

In addition to the database fixes, Oracle's update repairs 12 flaws in Application Server, 7 in E-Business Suite, 6 in Enterprise Manager and 3 in PeopleSoft. Many bugs are serious and could allow a system running the vulnerable Oracle software to be compromised remotely by an anonymous attacker, Oracle said.

"As usual, we highly recommend that customers apply all patches promptly," Maurice wrote.

Oracle's next patch release is due on April 17.

Featured Video
6
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

The new Moto 360 looks more like a watch than a smartwatch

CNET's Dan Graziano gives you a first look at the brand new Moto 360.

by Dan Graziano