Oracle Critical Patch Update, Oct. 2017

October 18, 2017

Summary

The Oracle Critical Patch Update for October, 2017, contains an unusually high number of patches for vulnerabilities that may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.

Impact

The impact of each vulnerability is specific to individual Oracle products affected, but are all rated "High" in terms of the risk of a Confidentiality (data exposure), Integrity (data modification), or Availability (data loss) security incident.

Vulnerable

See the link below to the "Oracle Critical Patch Update" for a list of Oracle products and versions affected.  [1]

Recommendations

  • Review the "Oracle Critical Patch Update" to identify affected products currently in operation.  [1]
  • Patch accordingly.

References

[1]  http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html