Oracle released its quarterly critical patch update (CPU) for Q3 2018, the October edition, during which the company fixed 301 vulnerabilities.
According to the folks at ERPScan, in 2018, Oracle patched 1119 vulnerabilities, the same number of flaws it patched last year in 2017.
in ZDNet by
Catalin Cimpanu
SAP released its October 2018 set of patches that included 11 security notes, the company also released 4 updates to previously released notes.
The patches include 15 notes, 2 rated Hot News and one of which is the first note for SAP BusinessObjects in over five years.
in Security Affairs by
Pierluigi Paganini
July’s critical patch update addresses 334 security vulnerabilities (including 61 rated critical) covering a vast swathe of the Oracle enterprise portfolio. “As it manages a wide range of business processes and stores key data, a successful attack against PeopleSoft allows an attacker to steal or manipulate different business critical information, depending on modules installed in an organization,” ERPScan noted in its analysis.
in Threat Post by
Tara Seals
The US Treasury sanctioned ERPScan and four other companies accusing them of helping the Russian government hack. But Alexander Polyakov vehemently denied the accusations.
in Vice Motherboard by
Lorenzo Franceschi-Bicchierai
ERPScan CTO Alexander Polyakov Shares Insights on the ERP Security Landscape.
in BankInfoSecurity by
Varun Haran
Oracle EBS and PeopleSoft are used to manage a wide range of business processes and to store key data. A successful attack against them could allow “an attacker to steal and manipulate different business critical information, depending on modules installed in an organization,” said researchers from security firm ERPScan, who reported one of the vulnerabilities patched in this CPU.
in Security Boulevard by
Lucian Constantin
According to analyst ERPScan, 30 of the Fusion Middleware bugs can be exploited over a network without even needing to enter user credentials, making them critical to patch.
in InfoSecurity by
Phil Muncaster
Oracle’s Critical Patch Update (CPU) for April 2018 contains 254 new security fixes, 153 of which address vulnerabilities in business-critical applications.
in Security Week by Ionut Arghire
SAP released the April 2018 Security Patch Day, a collection of ten security patches that also address critical vulnerabilities in web browser controls in SAP Business Client.
in Security Affairs by Pierluigi Paganini
SAP has issued its April security update, which brings a waiting world news of ten patch-worthy problems. The nastiest has a CVSS rating of 9.8 and impacts SAP’s Business Client, the desktop tool to access much of its wares.
in The Register by Richard Chirgwin