Oracle Issues Quarterly CPU, Fixes Zero Day

By July 21, 2015 September 5th, 2017 News

John K Waters writes:

Oracle’s latest quarterly Critical Patch Update (CPU) comprises 193 fixes for vulnerabilities in Oracle products, including 25 that address Java SE issues.

John Matthew Holt, CTO of Dublin-based Java security vendor Waratek, pointed out in an e-mail that, of the 25 CVEs fixed in this patch, 24 of them (96 percent) affect Java SE 8, the latest and most up-to-date Java version — revealing, he said, that the security of Java’s APIs has not significantly improved over time. He also noted that Java SE 7 is no longer being provided with public security updates. “So enterprises running Java SE 7 applications — which is virtually every large enterprise today — cannot automatically download and apply these important security fixes,” he said.

Read the full article


Author News

More posts by News

Leave a Reply