Oracle is advising customers to update Vulnerability-related.PatchVulnerability their database software following the discovery Vulnerability-related.DiscoverVulnerability and disclosure Vulnerability-related.DiscoverVulnerability of a critical remote code execution vulnerability . The flaw , dubbed CVE-2018-3110 was given a CVSS base score of 9.9 ( out of 10 ) and Oracle warns Vulnerability-related.DiscoverVulnerability that successful exploit of the bug `` can result in complete compromise of the Oracle Database and shell access to the underlying server . '' `` Due to the nature of this vulnerability , Oracle strongly recommends that customers take action without delay , '' Oracle says . Vulnerable versions of Database Server include 11.2.0.4 , 12.1.0.2 , 12.2.0.1 , and 18 . Admins are advised to install Oracle 's update as soon as possible . No credit was given for discovery or reporting . The flaw itself is found Vulnerability-related.DiscoverVulnerability in the JavaVM component of Oracle Database Server and is not considered a remote code exploit flaw , as it requires the attacker have a connection to the server via Oracle Net , the protocol Oracle servers use to connect with client applications . Other than that , however , there is little else required for a successful attack that gives complete control over the host server . The Oracle patch will only pile on to what is going to be a busy week for IT departments and administrators . In addition to this fix Vulnerability-related.PatchVulnerability , Microsoft is releasing Vulnerability-related.PatchVulnerability its monthly Patch Tuesday security update for Windows , Office , and Internet Explorer/Edge today , and Adobe has posted Vulnerability-related.PatchVulnerability fixes for security holes in Flash Player , Acrobat/Reader , Creative Cloud , and Experience manager . Our advice is to keep a pot of coffee handy and reserve a table at the pub for when this is all over with .

Overall , the chip giant patched Vulnerability-related.PatchVulnerability five vulnerabilities across an array of its products . Intel on Tuesday patched Vulnerability-related.PatchVulnerability three high-severity vulnerabilities that could allow the escalation of privileges across an array of products . Overall , the chip giant fixed Vulnerability-related.PatchVulnerability five bugs – three rated high-severity , and two medium-severity . The most concerning of these bugs is an escalation-of-privilege glitch in Intel ’ s PROset/Wireless Wi-Fi software , which is its wireless connection management tool . The vulnerability , CVE-2018-12177 , has a “ high ” CVSS score of 7.8 , according to Intel ’ s update . “ Intel is releasing Vulnerability-related.PatchVulnerability software updates to mitigate Vulnerability-related.PatchVulnerability this potential vulnerability , ” it said , urging users to update Vulnerability-related.PatchVulnerability to version 20.90.0.7 or later of the software . The vulnerability , reported Vulnerability-related.DiscoverVulnerability by Thomas Hibbert of Insomnia Security , stems from improper directory permissions plaguing the software ’ s ZeroConfig service in versions before 20.90.0.7 . The issue could allow an authorized user to potentially enable escalation of privilege via local access . The other high-severity bug exists in Vulnerability-related.DiscoverVulnerability the company ’ s System Support Utility for Windows , which offers support for Intel-packed Windows device users . This bug ( CVE-2019-0088 ) is due to insufficient path checking in the support utility , allowing an already-authenticated user to potentially gain escalation of privilege via local access . The vulnerability has a CVSS score of 7.5 . Versions of System Support Utility for Windows before 2.5.0.15 are impacted Vulnerability-related.DiscoverVulnerability ; Intel recommends Vulnerability-related.PatchVulnerability users update Vulnerability-related.PatchVulnerability to versions 2.5.0.15 or later . Independent security researcher Alec Blance was credited with discovering Vulnerability-related.DiscoverVulnerability the flaw . The chip-maker also patched Vulnerability-related.PatchVulnerability a high-severity and medium-severity flaw in its Software Guard Extensions ( SGX ) platform and software , which help application developers to protect select code and data from disclosure or modification . “ Multiple potential security vulnerabilities in Intel SGX SDK and Intel SGX Platform Software may allow escalation of privilege or information disclosure , ” said Vulnerability-related.DiscoverVulnerability Intel . The high-severity flaw in SGX ( CVE-2018-18098 ) has a CVSS score of 7.5 and could allow an attacker with local access to gain escalated privileges . The vulnerability is rooted in Vulnerability-related.DiscoverVulnerability improper file verification in the install routine for Intel ’ s SGX SDK and Platform Software for Windows before 2.2.100 . It was discovered Vulnerability-related.DiscoverVulnerability by researcher Saif Allah ben Massaoud . Another vulnerability in the platform ( CVE-2018-12155 ) is only medium in severity , but could allow an unprivileged user to cause information disclosure via local access . That ’ s due to data leakage Attack.Databreach in the cryptographic libraries of the SGX platform ’ s Integrated Performance Primitives , a function that provides developers with building blocks for image and data processing . And finally , a medium escalation of privilege vulnerability in Intel ’ s SSD data-center tool for Windows has been patched Vulnerability-related.PatchVulnerability . “ Improper directory permissions in the installer for the Intel SSD Data Center Tool for Windows before v3.0.17 may allow authenticated users to potentially enable an escalation of privilege via local access , ” said Vulnerability-related.DiscoverVulnerability Intel ’ s update . The company recommends users update to v3.0.17 or later . Intel ’ s patch comes Vulnerability-related.PatchVulnerability during a busy patch Tuesday week , which includes fixes from Adobe and Microsoft .