Please note that on September 22, 2017, Oracle released Security Alert for CVE-2017-9805. Please note that a MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at October 2017 Critical Patch Update: Executive Summary and Analysis. This Critical Patch Update contains 252 new security fixes across the product families listed below. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. Please refer to:Ĭritical Patch Updates and Security Alerts for information about Oracle Security Advisories. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Oracle Critical Patch Update Advisory - October 2017 DescriptionĪ Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities.
