Database updates star in Oracle quarterly patch batch
A light sprinkling of security fixes
Oracle is preparing 24 patches for its latest quarterly patch update.
The patch batch, due on the same day as Microsoft's monthly update on 12 January, covers 10 database flaws, two of which might lend themselves to remote exploit without the need to know a user name and password. A trio of flaws in Oracle Application Server and three in E-Business Suite and Applications pose the same potentially critical risk.
Five flaws in Oracle BEA products might also be exploited without login credentials. A full summary of Oracle's upcoming patch batch can be found here. The patch batch is smaller than the average of around 50 updates a quarter.
Microsoft's upcoming update is also waif-like, with just one critical patch due to arrive, a move that means some serious IE and Windows flaws will be left unpatched for at least another month. ®