Oracle said on Tuesday it issued a critical patch that provides fixes for certain of its products for Intel chip flaws.

The critical patch contains 237 new security fixes across several Oracle products, the company said on its website.

Separately, technology website The Register reported, citing a document in Oracle’s customers-only portal, that certain versions of Oracle Solaris on SPARCv9 are affected by one of the chip flaws, named Spectre, and the company was working on a security patch for it.

Oracle declined to comment on the report.

Separately, a Democratic US lawmaker asked Intel and two other microchip makers on Tuesday to provide a briefing on the recently detected Spectre and Meltdown security flaws that could allow hackers to steal information from most computers and devices.

“I am looking to better understand the nature of these critical vulnerabilities, the danger they pose to consumers, and what steps your companies plan to take to protect consumers,” California Representative Jerry McNerney wrote to the chief executives of Intel, SoftBank-owned ARM Holdings and Advanced Micro Devices.

The request is one of the first responses from the US Congress to the disclosure earlier this month by security researchers of the two major flaws, which may allow hackers to steal passwords or encryption keys on most types of computers, phones and cloud-based servers.

McNerney, a member of the House Energy and Commerce Committee, asked the companies to explain the scope of Spectre and Meltdown, their timeframe for understanding the vulnerabilities, how consumers are affected and whether the flaws have been exploited, among other questions.

© Thomson Reuters 2018



Source link