Oracle's Critical Patch Update July 2022: What has changed?

Isabel Clifton 19-Jul-2022 16:06:25

Oracle release a Critical Patch Update once every quarter with a collection of patches for various security vulnerabilities. These are for both code and third-party component part of Oracle products.

This quarter's Critical Patch Update features 347 new security patches across a range of Oracle products. Due to the threat posed by potential cyber-attacks, we highly recommend that customers apply Critical Patch Update fixes as soon as possible. 

What should I do?

Below, we've listed the products affected by the update and the number of identified vulnerabilities for each of them. If you use any of these products, it’s vital you take action to address the potential vulnerabilities in your environment. But don’t worry, DSP-Explorer is here to help. Organisations often approach us at times like this to make use of our Oracle Consultancy services to help carry out their patches. So, if this is something you're concerned about, please do get in touch.

  • Oracle Database Server: 3
  • Oracle Big Data Graph: 1
  • Oracle Essbase: 1
  • Oracle Global Lifecycle Management: 1
  • Oracle GoldenGate: 2
  • Oracle Graph Server and Client: 1
  • Oracle REST Data Services: 1
  • Oracle Spatial Studio: 1
  • Oracle TimesTen In-Memory Database: 1
  • Oracle Commerce: 3
  • Oracle Communications Applications: 7
  • Oracle Communications: 18
  • Oracle Construction and Engineering: 4
  • Oracle E-Business Suite: 1
  • Oracle Enterprise Manager: 3
  • Oracle Financial Services Applications: 23
  • Oracle Food and Beverage Applications: 2
  • Oracle Fusion Middleware: 14
  • Oracle Health Sciences Applications: 2
  • Oracle HealthCare Applications: 2
  • Oracle Hospitality Applications: 2
  • Oracle Java SE: 2
  • Oracle JD Edwards: 2
  • Oracle MySQL: 6
  • Oracle PeopleSoft: 1
  • Oracle Policy Automation: 2
  • Oracle Retail Applications: 12
  • Oracle Siebel CRM: 1
  • Oracle Supply Chain: 6
  • Oracle Systems: 2
  • Oracle Utilities Applications: 1
  • Oracle Virtualization: 1

Some of these vulnerabilities are a particular cause for concern because they can be remotely exploitable without authentication (over a network without needing user credentials to access), so it's important to prioritise these patches.

Seeing a long list of vulnerabilities can be a cause for concern in itself, but if you stay up-to-date with Critical Patch Updates, your environment will always remain secure.

Please get in touch if you would like any support or advice on patching or securing your estate.