Oracle has released its first quarterly critical patch update of the year, urging customers to immediately apply the bundle's 270 fixes to a number of its products. More than 100 vulnerabilities that were fixed could be compromised by a remote attacker without requiring any credentials. Most remote vulnerabilities could be exploited over the HTTP protocol. This Critical Patch Update contains17 new security fixes for Oracle Java SE. Sixteen (16) of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials. Twenty-seven (27) vulnerabilities were fixed in MySQL as compared to only 2 for the Oracle database.