All news with #oracle tag

🔔 Oracle will issue monthly Critical Security Patch Updates (CSPUs) for its ERP, database and other software, shifting from a quarterly cadence to address faster AI-driven vulnerability discovery. The first monthly CSPU will arrive May 28, then releases will follow on the third Tuesday of each month (June 16, July 21, August 18). Oracle will still publish a cumulative quarterly Critical Patch Update and will auto-apply fixes for customers in Oracle-managed cloud environments. The change primarily affects customers running Oracle software on premises or in third-party hosting.

🧭 Oracle AI Database@Google Cloud brings Oracle's mission-critical databases natively into Google Cloud to enable direct pipelines from enterprise records to the AI layer. The announcement expands regional availability, introduces an Oracle AI Database Agent for Gemini interaction, and integrates with Database Center, Knowledge Catalog, OCI GoldenGate, and VPC Service Controls. These features aim to lower latency, simplify governance, and make Oracle data actionable for agentic AI workflows.

🚀 Oracle Database@AWS is now generally available in five additional AWS Regions — EU-West-1 (Dublin), EU-West-2 (London), AP-South-1 (Mumbai), AP-South-2 (Hyderabad), and AP-Northeast-2 (Seoul) — expanding coverage to twelve Regions. The service enables AWS customers to access OCI-managed Oracle Exadata systems from within AWS data centers, supporting in-region data residency and migrations of on-prem Exadata and RAC workloads. Dublin, Mumbai, and Hyderabad offer two Availability Zones while London and Seoul currently provide one; CA-Central-1 and AP-Southeast-2 now support two AZs for enhanced production availability. To consume the service, request a private offer from Oracle via the AWS Marketplace and provision databases through the AWS Management Console.

📣 Amazon RDS for Oracle now supports Oracle Management Agent version 24.1.0.0.v1 for Oracle Enterprise Manager Cloud Control 24aiR1. To enable it, add the OEM_AGENT option in Option Groups and set the AGENT_VERSION to "24.1.0.0.v1". You must also configure OMS hostname (or IP), port, agent registration password, and a minimum TLS version of TLSv1.2 so the agent can securely communicate with your Oracle Management Service. Refer to the Amazon RDS for Oracle documentation for full configuration guidance.

⚡ Oracle Database@AWS (ODB@AWS) now provides consistent sub-millisecond roundtrip latency between Amazon EC2 instances and ODB@AWS databases. By automatically optimizing compute placement within ODB@AWS networks, customers can migrate latency-sensitive workloads — such as payment processing and securities trading — to AWS while using existing EC2 APIs and workflows. There is no additional charge for EC2 instances using the optimized placement; the capability is available in six Regions today, with more Regions planned.

⚠ A critical Oracle WebLogic RCE (CVE-2026-21962, CVSS 10.0) was weaponized the same day public exploit code was released, a CloudSEK honeypot study found. The high-interaction honeypot, run between January 22 and February 3, 2026, recorded immediate automated scanning and exploitation attempts. Researchers also observed probes for older WebLogic flaws and widespread generic web reconnaissance. Organizations are urged to apply patches, restrict console access, deploy WAFs and monitor logs.

🔒 Oracle has released fixes for a critical pre-authentication remote code execution flaw, CVE-2026-21992, affecting Oracle Identity Manager and Oracle Web Services Manager. The issue carries a CVSS score of 9.8 and is described by NVD as "easily exploitable" over HTTP by unauthenticated attackers. Oracle says the flaw can enable full takeover of vulnerable instances and urges customers to apply updates immediately.

🛡️ Oracle has released an out-of-schedule security update to fix a critical unauthenticated remote code execution vulnerability, tracked as CVE-2026-21992, that affects Oracle Identity Manager and Oracle Web Services Manager. Oracle says the flaw is low complexity, exploitable remotely over HTTP without authentication or user interaction. The company strongly recommends applying patches or mitigations immediately and notes fixes via the Security Alert program are limited to supported versions.

📄 Mistral Document AI 2512 in Microsoft Foundry combines high-end OCR (mistral-ocr-2512) with contextual extraction (mistral-small-2506) to convert scans, photos and digital documents into structured JSON and markup while preserving layout, tables and handwritten notes. It emphasizes enterprise-grade accuracy, multilingual coverage and private/secure inference. Paired with the ARGUS accelerator, organizations can deploy end-to-end pipelines quickly and switch OCR providers at runtime.

🚀 The preview of the Spanner columnar engine enables low-latency serving of Apache Iceberg lakehouse data with Spanner’s horizontal scale and strong consistency. It adds a columnar storage layer and vectorized execution to accelerate analytical scans — Google cites up to 200× faster scans — while isolating heavy analytical queries from transactional workloads. The feature supports on-demand columnar conversion, automatic query routing, and reverse ETL integrations with BigQuery, Databricks, Snowflake and Oracle to make curated analytical data available for real-time applications.

🔔 Amazon RDS for Oracle now supports the Oracle January 2026 Release Update (RU) for Oracle Database versions 19c and 21c, and the corresponding Spatial Patch Bundle for 19c. The January 2026 RU includes important security updates, while the Spatial Patch Bundle delivers fixes to improve Oracle Spatial and Graph reliability and performance. You can apply these updates via the AWS Management Console, AWS SDK, or CLI, enable Automatic Minor Version Upgrade to apply during maintenance windows, and use AWS Organizations upgrade rollout policy to stagger upgrades across environments.

📢 Oracle Database@AWS is now available in CA-Central-1 (Canada Central) and AP-Southeast-2 (Sydney), each starting with one Availability Zone. The service provides access to OCI-managed Exadata systems hosted inside AWS data centers, enabling like-for-like migrations of on-premises Oracle Exadata and RAC workloads. Integrations with AWS services such as AWS KMS for encryption and Amazon CloudWatch for monitoring are supported. Customers must request a private offer from Oracle via the AWS Marketplace and use the AWS Management Console to provision and manage databases.

🔁 Amazon RDS for Oracle now supports database replicas for instances configured in Oracle multi-tenant (CDB/PDB) environments. You can create replicas in mounted or read-only modes via the AWS Management Console, CLI, or SDK, with Amazon RDS managing asynchronous physical replication using Oracle Data Guard. Replicas can scale read workloads, be promoted for disaster recovery, or be configured as cross-Region copies; licensing requirements differ by mode and should be reviewed before deployment.

🔒 TikTok USDS Joint Venture LLC was formed to allow TikTok to continue operating in the U.S. under a majority-American ownership while ByteDance retains 19.9%. U.S. users' data and a retrained recommendation algorithm will be hosted in Oracle's secure U.S. cloud and protected under defined safeguards for algorithm security, content moderation, and software assurances. An independent, audited cybersecurity and privacy program will follow standards such as NIST CSF, NIST 800-53, ISO 27001, and CISA requirements.

🛡️ Oracle's January quarterly update delivers 337 security fixes across its product portfolio, including 27 rated critical. The vendor reports no known in-the-wild exploitation at release, but urges priority attention to the 13 CVEs mapped to critical severity. A substantial share of patches address third-party and open-source components such as Apache Tika, creating cross-product CVE overlap and assessment complexity.

📍 Oracle Database@AWS is now generally available in US‑East‑2 (Ohio), EU‑Central‑1 (Frankfurt), and AP‑Northeast‑1 (Tokyo). With this expansion, customers can run OCI Exadata Database Service, OCI Autonomous Database on Dedicated Infrastructure, and OCI Autonomous Recovery Service within AWS data centers across five regions. The launch simplifies migration of on‑premises Exadata workloads and helps meet in‑region data residency requirements. To consume the services, customers request a private offer from Oracle via the AWS Marketplace and provision resources through the AWS Management Console.

🔒 University of Phoenix disclosed a breach affecting 3,489,274 individuals after attackers accessed its systems in August and stole sensitive personal and financial data. Investigators say the intrusion targeted the Oracle E-Business Suite, exploiting a zero-day tracked as CVE-2025-61882, active August 13–22 and detected November 21. The university is offering 12 months of credit and dark web monitoring, identity recovery and a $1m fraud reimbursement. The incident is linked to Clop and forms part of a wider campaign that has hit more than 100 organizations.

🔁 AWS announced that customers can now share Oracle Database@AWS AWS Marketplace entitlements across accounts within an AWS Organization. Organizations can accept a single Marketplace offer in one account and allocate that entitlement to additional accounts via AWS License Manager or APIs. Recipient accounts can activate shared entitlements and begin consuming services immediately. The feature is available in all Regions where Oracle Database@AWS is offered.

🔒 LKQ has confirmed a cyber-attack targeting its Oracle E-Business Suite environment that exposed personal information for more than 9,070 individuals. The company reports the intrusion occurred on August 9 and was discovered on October 3, with a detailed data analysis finalised on December 1 and notifications sent on December 15. Compromised items include LKQ Employer Identification Numbers and Social Security numbers; LKQ took the EBS environment offline, engaged an external forensic firm, and is offering two years of complimentary credit monitoring and identity restoration through Cyberscout (a TransUnion company). LKQ says it has implemented additional safeguards, strengthened security monitoring, and reinforced policies and controls.

🔒Barts Health NHS Trust has applied to the High Court seeking an order to prevent the sharing, publication or use of data stolen from an Oracle E-business Suite database. A criminal group known as Cl0p posted compressed files on the dark web containing names, addresses and invoicing records relating to patients, suppliers and former staff. The trust says clinical systems and core IT infrastructure were unaffected and it is working with NHS England, the NCSC and law enforcement while notifying regulators.