Oracle has announced plans to ship a Critical Patch Update (CPU) with fixes for at least 38 security vulnerabilities in a wide range of database and server products. The most serious vulnerabilities affect Oracle Core RDBMS, Oracle JRockit and Oracle Network Authentication. CISA warns the leading enterprise document management platform is open to attack and urges companies to apply fixes. The modular malware is highly sophisticated but may not be able to capture credit-card info. It’s not clear whether the modular malware will capture credit card details.
Source: https://threatpost.com/oracle-mega-patch-coming-next-tuesday-101609/72353/