Oracle urges customers to apply critical update
Latest patch for the company's database and Web applications closes almost two dozen security holes.
The Critical Patch Update, available on the software company's Web site, is meant to fix 17 flaws in different versions of the Oracle Database Server, three flaws in Oracle's Application Server and another flaw in the Oracle Collaboration Server.
Oracle did not release detailed information about the flaws but included several measures of the threat of the flaws in a table included with the advisory on the company's site.
Several of the vulnerabilities were found by security company Next-Generation Security Software, which urged Oracle users to download and test the patches. NGSSoftware will allow three months for administrators to patch their systems before it releases more details about the flaws.
Tuesday's patch release marks the first time Oracle has released patches on a quarterly schedule. The company plans to release updates in January, April, July and October.