Skip to main content
In light of recent global events, there is a heightened risk of cyber-attacks. We urge local organisations to exercise additional vigilance when monitoring IT infrastructure. Please report suspicious activity to us via our Cyber Concerns Reporting Tool.

Overview

Oracle is a technology firm providing a vast range of software products for businesses worldwide. If your organisation uses large databases, analytics or business management software (in any sector) then there is a good chance that you’ve heard of, or used, Oracle products.

This month (January 2022), Oracle have released 497 new security patches as part of their Critical Patch Update.

A number of these security patches will fix vulnerabilities that would allow remote exploit without authentication.

Action should be taken to identify your Oracle products and apply the appropriate security patches as soon as practicable. Mitigation workarounds may also be implemented if applying the patches is not possible.

Oracle’s Critical Patch Update Advisory can be read here: https://www.oracle.com/security-alerts/cpujan2022.html

Recommended Action

  • Frequently monitor and review security updates for all of your systems and devices. Implement security patches as soon as practicable. Set your devices to update automatically wherever possible.

  • It is good practise to back up your system and/or important files before installing any major updates.

  • Take a look at the ‘5 Steps to Cyber Security’ guidance on our Advice & Guidance page for more guidance on how to better protect your organisation.

Topics

  • Advisory
  • Vulnerability
  • Exploit
  • Patches and Updates