Oracle Critical Patch Update of April 2023 available
The updates for many products fix 433 vulnerabilities.
Oracle publishes security updates quarterly as part of the Critical Patch Update. Oracle has released numerous security updates for its applications. Some vulnerabilities are considered critical. Therefore Admins who use Oracle software should install the current versions for security reasons.
Admins can find the affected versions in the Patch Update Advisory. Oracle claims to have resolved a total of 433 security issues.
Attackers are able to exploit critical vulnerabilites in Commerce, Communications Applications or GoldenGate without authentication. This also affects several healthcare and healthcare applications. As a rule, attackers can push and execute malicious code on systems by successfully exploiting critical vulnerabilities. Admins should act quickly here.
Attackers could also target virtual machines in Oracle VM VirtualBox. The warning message does not specifically indicate whether a breach into the host system is possible. MySQL Server is also vulnerable. The majority of vulnerabilities are classified with the threat level high. There are also several security updates for JavaSE. Attackers with network access could use the TLS protocol for attacks.