InfoSecBulletin Cybersecurity for mankind
Oracle announced 441 new security patches for its April 2024 Critical Patch Update, with over 200 of them fixing flaws that could be exploited by remote, unauthenticated attackers.
Oracle’s advisory reported that about 230 unique CVEs were found in Oracle’s April 2024 CPU, with over 30 security patches addressing critical-severity vulnerabilities.
Security Update: RoguePlanet, BitLocker Bypass, Chromium Zero-Day, and More Critical Threats Uncovered
73 Microsoft Packages Compromised in Password Stealer Attack
New Windows Defender ‘RoguePlanet’ zero-day grants SYSTEM privileges
Microsoft June Patches 200 Vulnerabilities including 3 zero days
World’s first wind power underwater data center is now live
VMware Fixed Multiple Flaws Allow Attackers to Inject Malicious Scripts
CVE-2026-50751
Check Point VPN 0-day Flaw Exploited in the Wild
AI-designed First ‘universal vaccine’ tested in humans
China Unveils First Prefabricated Data Center Base, Reducing Construction Time by 70%
Hacker now exploits recently patched SolarWinds Serv-U flaw
Oracle Communications received the highest number of security patches this month, with a total of 93. Out of these, 71 patches specifically cover bugs that can be remotely exploited without requiring authentication.
Next in line are Fusion Middleware (51 security patches – 35 addressing remotely exploitable, unauthenticated issues), Financial Services Applications (49 – 30), and E-Business Suite (47 – 43).
MySQL, Systems, Communications Applications, Java SE, Virtualization, Analytics, Enterprise Manager, PeopleSoft, and Retail Applications all had patches released. The patches addressed various vulnerabilities, with some being exploitable remotely without authentication.
Oracle released security patches this month for various products, including Database Server, Commerce, Construction and Engineering, Insurance Applications, Supply Chain, Support Tools, Food and Beverage Applications, HealthCare Applications, Utilities Applications, Hyperion, Hospitality Applications, Health Sciences Applications, Autonomous Health Framework, Big Data Spatial and Graph, Global Lifecycle Management, and GoldenGate.
Oracle has released patches for some applications that fix security issues, including some additional vulnerabilities and non-exploitable flaws. They have also released separate fixes for vulnerabilities that affect multiple applications.
Oracle customers are advised to apply the patches as soon as possible.
“It has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay,” Oracle said.
On Tuesday, Oracle announced new security patches for various components of their operating systems. This includes 13 patches for Solaris, 71 patches for Oracle Linux, and 3 patches for the Oracle VM Server for x86.
