Oracle fixes zero-day Java flaw and over 190 other vulnerabilities

[InfoSec News <alerts () infosecnews org>]

http://www.computerworld.com/article/2947760/security/oracle-fixes-zeroday-java-flaw-and-over-190-other-vulnerabilities.html

By Lucian Constantin
IDG News Service
July 15, 2015

Go ahead and update Java -- or disable it if you don't remember the last 
time you actually used it on the Web. Oracle's latest patch, released 
Tuesday, fixes 25 vulnerabilities in the aging platform, including one 
that's already being exploited in attacks.

In addition to Java, Oracle also updated a wide range of other products, 
fixing a total of 193 vulnerabilities, 44 stemming from third-party 
components.

The patched products include Oracle Database, Oracle Fusion Middleware, 
Oracle Hyperion, Oracle Enterprise Manager, Oracle E-Business Suite, 
Oracle Supply Chain Suite, Oracle PeopleSoft Enterprise, Oracle Siebel 
CRM, Oracle Communications Applications, Oracle Java SE, Oracle Sun 
Systems Products Suite, Oracle Linux and Virtualization and Oracle MySQL.

Oracle released Java 8 Update 51, Java 7 Update 85 and Java 6 Update 101. 
However, only the Java 8 update is publicly available, because general 
support for Java 7 and Java 6 ended some time ago. Only customers with 
extended support contracts continue to get access to security patches for 
those versions.

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/