inlumi blog

Do you want a secure EPM system? Don't forget Critical Patch Updates!

Do you want a secure EPM system? Don't forget Critical Patch Updates!

March 27th, 2018

Every quarter, Oracle releases Critical Patch Updates (CPU) for their products. The Oracle EPM community is familiar with the normal Oracle EPM PSU/PSE patches which address functional aspects of the EPM products, either fixing defects or introduce new enhancements.

In contrast to EPM PSU/PSE patches, the CPU patches get relatively little attention within the EPM community while they are critical for securing Oracle EPM systems.

On a quarterly basis, inlumi trawls through the list of CPU patches and isolates the CPUs which are important for Oracle EPM installations. We then test these patches in the inlumi labs to ensure that the patches can be applied to the relevant environments. When applicable, inlumi runs vulnerability scans to ensure that the indicated security flaws (CVEs) have been addressed by the patches.

In January 2018, Oracle released 238 security related fixes for its products. Though none of the CPU patches directly relate to EPM products, they do impact the EPM’s middleware components on which Oracle EPM products rely. It is therefore critical that those underlying products are correctly patched.

January's patches have now been validated in the inlumi Labs and the list of safe patches are known.

If you would like to discuss securing your environments, get in contact with us at inlumi.

About the author

Kieron Cassidy

Kieron Cassidy
Infrastructure Practice Lead at inlumi

Kieron Cassidy is the Infrastructure Domain Lead at inlumi with over 22 years of IT related experience and 18 years specialising in EPM/CPM technical support, implementations, migrations, performance tuning, load testing, infrastructure design and security. Before joining inlumi, Kieron worked as a Mechanical Design Engineer, IT systems integrator and spent time as an Support Specialist with Hyperion Solutions.