InfoSecBulletin Cybersecurity for mankind
Oracle announced 441 new security patches for its April 2024 Critical Patch Update, with over 200 of them fixing flaws that could be exploited by remote, unauthenticated attackers.
Oracle’s advisory reported that about 230 unique CVEs were found in Oracle’s April 2024 CPU, with over 30 security patches addressing critical-severity vulnerabilities.
Chrome Zero-Day Alert — Update Your Browser to Patch
Dell Discloses Data Breach: 49 million customers allegedly affected
BIG VULNERABILITIES IN NEXT-GEN BIG-IP
UK confirms Ministry of Defence payroll data exposed in data breach
LockBit Ransomware Leader Unmasked and Sanctioned
Samsung mobile devices 25 flaws patched
Bangladesh to make law to protect customers using electronic currency
Outpost24 report
Cybersecurity Loopholes in Paris 2024 Olympics Infrastructure
Xiaomi Android Devices Hit by Multiple Flaws
LockBit’s seized darknet site resurrected by police, teasing new revelations
Oracle Communications received the highest number of security patches this month, with a total of 93. Out of these, 71 patches specifically cover bugs that can be remotely exploited without requiring authentication.
Next in line are Fusion Middleware (51 security patches – 35 addressing remotely exploitable, unauthenticated issues), Financial Services Applications (49 – 30), and E-Business Suite (47 – 43).
MySQL, Systems, Communications Applications, Java SE, Virtualization, Analytics, Enterprise Manager, PeopleSoft, and Retail Applications all had patches released. The patches addressed various vulnerabilities, with some being exploitable remotely without authentication.
Oracle released security patches this month for various products, including Database Server, Commerce, Construction and Engineering, Insurance Applications, Supply Chain, Support Tools, Food and Beverage Applications, HealthCare Applications, Utilities Applications, Hyperion, Hospitality Applications, Health Sciences Applications, Autonomous Health Framework, Big Data Spatial and Graph, Global Lifecycle Management, and GoldenGate.
Oracle has released patches for some applications that fix security issues, including some additional vulnerabilities and non-exploitable flaws. They have also released separate fixes for vulnerabilities that affect multiple applications.
Oracle customers are advised to apply the patches as soon as possible.
“It has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay,” Oracle said.
On Tuesday, Oracle announced new security patches for various components of their operating systems. This includes 13 patches for Solaris, 71 patches for Oracle Linux, and 3 patches for the Oracle VM Server for x86.
