As most of our regular readers may know, the Onapsis Research Labs have been working on developing Oracle Security for several months. We’ve done this by updating our readers with analysis on quarterly patch updates, and to date have released over one hundred advisories for this platform. In our continous goal to provide the industry with greater resources to secure their business critical applications, starting today we will be publishing a series of weekly blog posts focusing on different areas of protecting Oracle E-Business Suite.
As with the second Tuesday of every month, today SAP released its monthly Security Notes to keep your SAP infrastructure secure. This month, SAP published 18 new security notes, and released 11 security notes that were published after May 9th (last patch tuesday), totaling 29 notes that will be analyzed in this post. For the second month in a row there aren’t any notes tagged as Hot News; the most critical risk category that SAP has catalogued for newly discovered vulnerabilities.
Implement newly released SAP Security Note: 2473454 to confirm your SAP systems are protected.
As with the second Tuesday of every month, today SAP released its monthly Security Notes to keep your SAP infrastructure secure. This month, SAP published 14 new Security Notes with only one note tagged as High Priority. However, of these 14 notes, four of them are updates to previous publications. Based on the number of fixed vulnerabilities, and the criticality of each, it’s safe to say that this is not a critical patch day for SAP compared to previous months.
Yesterday, Oracle released its quarterly security patches and what a record breaking CPU it was! With close to 300 published patches, this marks the highest number of patches released to date for any CPU. This further validates the trend we have seen in previous CPU’s which is to correct more vulnerabilities in Oracle products due to increased research submissions targeting different Oracle products.