Oracle Corp. has released its quarterly security software update, fixing a wide variety of vulnerabilities in its database and server products.The update addresses a total of 37 vulnerabilities in the company’s database software, as well as a large number of bugs in Oracle’s Application Server, Collaboration Suite, E-Business Suite, and PeopleSoft and JD Edwards software.Oracle did not release technical details on the patches, but according to security researcher Alexander Kornbrust, a number of them cover the Oracle Database Listener, a component of the database software that is used to connect clients to the database itself. “The listener is a kind of doorman to the database, and if you are able to own or overtake the listener, you own the entire system in the database,” said Kornbrust, a business director at Red-Database-Security GmbH, in Neunkirchen, Germany.Kornbrust predicted that corporate users will most likely want to test and apply these patches as soon as possible, in part because it is difficult to mitigate the effects of many of the vulnerabilities that have been addressed. “It’s necessary to apply these patches because a lot of binaries are patched, and it’s quite difficult to implement work-arounds for this,” he said. Oracle’s next quarterly patches are scheduled to be released on April 18, the company said.Oracle executives were not immediately available for comment in this story. By Robert McMillan – IDG News Service (San Francisco Bureau) Related content feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Mergers and Acquisitions Mergers and Acquisitions brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe