Oracle Issues Security Updates

Thursday, April 21, 2016 @ 05:04 PM gHale


Oracle fixed 136 security issues in 49 different product suites in its quarterly update.

Among the products fixed in the Critical Patch Update (CPU) were the Oracle database, Java, MySQL, Solaris, VirtualBox, SPARC, and Berkeley DB.

RELATED STORIES
Fixed IBM Java Patch, Not Fixed
Out-of-Band Java Update
Emergency Java Patch
Oracle Releases 248 Security Fixes

The MySQL database received the most patches, 31, followed by the Oracle Fusion Middleware with 22, and Oracle Sun System Products Suite with 15.

Java also received nine patches, four of which ended up labeled critical, one high, three medium, and one low priority.

The four Java critical issues were CVE-2016-3443, CVE-2016-0687, CVE-2016-0686, and CVE-2016-3427.

The first three are easy to exploit via various network protocols but require human interaction in order to execute their malicious code. The fourth is a little bit more difficult to exploit, but if successful, attackers may also impact additional products. Users should update to the latest Java version, which is Java 8u92.