Oracle releases first CPU of 2021

Read on to see how your organisation is affected...

Please note that since the release of the October 2020 Critical Patch Update, Oracle has released a Security Alert for Oracle WebLogic Server: CVE-2020-14750 (November 1, 2020). We strongly advise customers to apply this Critical Patch Update, which includes patches for this Alert as well as additional patches.

Other updates of note:

• E-Business Suite: 31 new vulnerabilities with a maximum CVSS score of 9.8 (Critical)
• Database: 8 new vulnerabilities with a highest score of 8.8
• Middleware: 60 issues resolved – 47 of which are remotely exploitable without authentication!! – Oracle are recommending these are applied without delay to any internet facing systems
• Hyperion – 7 new vulnerabilities with 5 remotely exploitable without authentication and a highest score of 9.8
• Enterprise Manager: 8 vulnerabilities. ALL of which are exploitable remotely without authentication and a highest score of 9.8
• Others: MySQL – 43 new vulnerability fixes, Oracle Virtualization – 17 new fixes, Oracle Systems – 4 fixes (3 of which are remotely exploitable without authentication)

What does the Oracle CPU mean for you?

Digital security should always be high on the agenda but, as organisations continue to respond to Covid-19 with remote working and adapted working practices, it's even more critical to ensure your information is safe.

Our advice is to please keep up to date with your patching to limit the opportunity for a damaging security breach. Users of Oracle Systems, Middleware and Enterprise Manager should particularly ensure they take urgent action.

How can Inoapps help?

If you would like advice about CPUs and patching, please email us today for information – we're here to help.