Oracle Quarterly Critical Patches Issued January 18, 2022
MS-ISAC ADVISORY NUMBER:2022-009
Multiple vulnerabilities have been discovered in Oracle products, which could allow for remote code execution
We recommend the following actions be taken:
- Apply appropriate patches or appropriate mitigations provided by Oracle to vulnerable systems immediately after appropriate testing.
- Run all software as a non-privileged user (one without administrative rights) to diminish the effects of a successful attack.
- Remind all users not to visit untrusted websites or follow links provided by unknown or untrusted sources.
- Inform and educate users regarding threats posed by hypeartext links contained in emails or attachments especially from untrusted sources.
- Apply the Principle of Least Privilege to all systems and services.