More Fun With Patching: Oracle Critical Patch Update for October 2020

It’s the end of another quarter, and with it comes Oracle’s latest security patch updates.  In particular, there appear to be a number of items for Hyperion in this month’s rendition.

Looking at the above, of particular concern is the Hyperion Essbase component which has an exploit with a base score of 9.8.  This signifies a risk to the server since it can be exploited fairly easily, based upon the attack complexity rating.  Digging further, the recommendation is to patch the Essbase side of the components to at least Essbase 11.1.2.4.040, and Essbase Administration Server to 11.1.2.4.037. 

The second item on the list UI and Visualization addresses an issue with the Workspace, and the recommended patch is 11.1.2.4.825.  

While the other items may be a concern, their lower scores make them less of an immediate issue for customers and can most likely be addressed at a later patching time. 

Of course an Oracle Security release wouldn’t be complete without WebLogic patching as well.  The current version has updates for both 11.1.2.x customers and 11.2.x customers.  In the case of 11.2.x customers this is the customary CPU patch for WebLogic, and for 11.1.2.x customers it is both a full WebLogic Server patch and a CPU patch.

As always, if you need assistance applying Oracle patching, let iArch Solutions assist, we’re here to help!