Today’s topics include potentially harmful applications on the Google Play mobile app store, Oracle releasing its largest security update to date, Docker Inc.’s new professional services offering and Microsoft Hyper-V enabling Linux containers to run on Windows Server.
In a critical patch update April 18, Oracle patched 299 vulnerabilities—the largest ever security update for the software company. Oracle’s previous record was set last July, when the company patched 276 vulnerabilities.
So far this year, Oracle has patched 569 vulnerabilities. Among the patches this month are multiple products being updated to fix an Apache Struts vulnerability that was publicly disclosed in March.
“The fact that we’re still addressing vulnerabilities associated with Struts v1 and Apache Commons years after the issues were first raised is surprising and troubling,” John Matthew Holt, CTO of application security vendor Waratek, told eWEEK.
“The Struts 2 patch is less surprising since it was just announced in March 2017, but no less troubling as it points to the continuing issues associated with third-party software components,” Holt added.