Oracle has one-upped itself once again. The company fixed a record 276 vulnerabilities – more than half of which are remotely exploitable – as part of its July Critical Patch Update released Tuesday afternoon.
The quarterly patch update resolves vulnerabilities in 84 different products, including Oracle Database Server, Oracle Fusion Middleware, and Oracle’s E-Business Suite to name a few. The number of fixes exceeds the previous all time high, 248 patches, pushed by Oracle in January and marks more than double the amount of vulnerabilities addressed by the company in its last CPU in April.
Like the April CPU, more than 50 percent of the vulnerabilities, 159 in total, can be exploited remotely without authentication. Oracle Fusion Middleware is the biggest culprit; 35 of the 40 vulnerabilities that affect the software are remotely exploitable. The company’s E-Business Suite – in which 21 of the 23 vulnerabilities are remotely exploitable – and Oracle Sun Systems Products Suite – in which 21 of the 34 vulnerabilities are remotely exploitable – also merit attention.