[ISN] Oracle’s Quarterly Critical Patch Update Includes 25 Java Security Patches

http://adtmag.com/articles/2014/10/21/java-security-patches.aspx By John K. Waters adtmag.com 10/21/2014 Oracle’s recently released quarterly Critical Patch Update (CPU) contained 155 new security vulnerability fixes across Oracle’s product lines, including 25 for new Java SE vulnerabilities and 9 affecting the Java Virtual Machine (JVM) in the Oracle Database. The list of Java vulnerabilities addressed with this CPU includes 20 that affect client-only deployments of Java SE, 2 of which are browser-specific, four that affect client and server deployments of Java SE, and one that affects client and server deployments of the Java Secure Socket Extension (JSSE). Oracle says 22 of the fixes address vulnerabilities that may be remotely exploitable without authentication