Enterprise hardware and software firm Oracle has a pretty big 'Patch Tuesday' of its own lined up for tomorrow. A so-called "Critical Patch Update" scheduled to roll out on January 17, 2012 is the first of the year for Oracle and will include 78 new security vulnerability fixes across hundreds of Oracle products, some of them affecting multiple products, the company stated in a pre-release announcement.
"Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible," Oracle said.
Over a dozen of the existing vulnerabilities have the potential to be exploited remotely over a network without any kind of authentication, such as a username and password. Out of all the products being patched, MySQL will receive the most fixes at 27, while vulnerabilities affecting Sun Products Suite are deemed the most severe with the highest common vulnerability scoring system (CVSS) rating of 7.8.
Looking ahead, Oracle will roll out additional Critical Patch Updates on April 17, July 17, and October 16 later this year. For Oracle Java SE, Critical Patch Updates are scheduled for February 14, June 12, and October 16.