Dive Brief:
- This week, Oracle issued 248 patches, the majority of which were for Java SE, its platform to run Java applications.
- Other patches impacted Oracle's Database and E-Business suite.
- Five of the identified vulnerabilities had the highest severity rating, according to ERPScan, a security company that specializes in SAP and Oracle systems.
Dive Insight:
While patching software can take time, it generally beats the alternative. Hacker attacks on Oracle and SAP systems are not common today, but “it is expected there will be increasing interest due to the sensitive data held,” according to Network World.
Oracle recommended companies patch the newly identified vulnerabilities immediately. According to ERPScan, the company usually only has about 100 patches per quarterly update.
"Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes," the company said. "In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches."