The software manufacturer Oracle network only holds its updates every three months. Oracle speaks of security gaps – Due to the extensive product range and the rather long update cycle, there are several hundred gaps to be filled. On the last Patch Day of 2020, there were over 400. Many of the plugged gaps are critical. For this issue, Oracle uses the standard vulnerability scoring, the highest value of which is 10.0.
Oracle has filled most of the gaps in its solutions for the industry. Of the 50 vulnerabilities, 47 can be exploited over the software without a user login, ten of which achieve the score 9.8.
Hackers Could Exploit The Network
In the worst case, they could take control of malware network. Oracle advises its customers to apply the fixes provided as part of the patch update immediately and to ensure that they are using suitable versions that are still supported by the manufacturer. In the main edition, Oracle has plugged a total of eight security gaps, all of which can be exploited over the software without a user log in. It is called a long term support and will be provided with updates for the next years.
Oracle Wants To Announce The End Of Support
Commercial users, on the other hand, have had to pay for these updates since last year, but will be provided until the end of 2030. The latest version is Java 8, in which the network has closed seven security gaps. As a browser extension, the support only runs in Internet Explorer. Oracle network has plugged seven security gaps for the latest version, where one of them has a score of 8.2. One or the other vulnerability could be suitable for breaking out of the virtual program and executing on the host network.
