X

The Oracle Security blog discusses Oracle's security policies and practices, and explores security trends.

Security Updates

Industry Insights

Intel Processor L1TF vulnerabilities: CVE-2018-3615, CVE-2018-3620, CVE-2018-3646

Today, Intel disclosed a new set of speculative execution side-channel processor vulnerabilities affecting their processors.    These L1 Terminal Fault...

Critical Patch Updates

Security Alert CVE-2018-3110 Released

Oracle just released Security Alert CVE-2018-3110.  This vulnerability affects the Oracle Database versions 11.2.0.4 and 12.2.0.1 on Windows.  It has received a...

Critical Patch Updates

July 2018 Critical Patch Update Released

Oracle today released the July 2018 Critical Patch Update. This Critical Patch Update provided security updates for a wide range of product families, including:...

Security Updates

Updates about the “Spectre” series of processor vulnerabilities and CVE-2018-3693

A new processor vulnerability was announced today. Vulnerability CVE-2018-3693 (“Bounds Check Bypass Store” or BCBS) is closely related to Spectre v1. As with...

Oracle Security

Updates about processor vulnerabilities CVE-2018-3640 (“Spectre v3a”) and CVE-2018-3639 (“Spectre v4”)

Two new processor vulnerabilities were publicly disclosed on  May 21, 2018.  They are vulnerabilities CVE-2018-3640 ( “Spectre v3a” or “Rogue System Register...

Oracle Security

Processor vulnerabilities CVE-2018-3640 (“Spectre v3a”) and CVE-2018-3639 (“Spectre v4”)

The Oracle security and development teams are aware of vulnerability CVE-2018-3640 (a.k.a. “Spectre v3a”) and CVE-2018-3639 (a.k.a. “Spectre v4”).  Oracle is...

Critical Patch Updates

April 2018 Critical Patch Update Released

Oracle today released the April 2018 Critical Patch Update. This Critical Patch Update provided security updates for a wide range of product families,...

Critical Patch Updates

January 2018 Critical Patch Update Released

Oracle today released the January 2018 Critical Patch Update. This Critical Patch Update provides fixes for a wide range of product families including: Oracle...

Critical Patch Updates

Security Alert CVE-2017-10269 Released

Oracle just released Security Alert CVE-2017-10269 to address a number of vulnerabilities affecting the Jolt Server within Oracle Tuxedo.  The maximum reported...

Oracle

Integrated Cloud Applications & Platform Services