Black Arrow Cyber Advisory 16 October 2025 - Security Updates from Microsoft, SAP, Fortinet, Ivanti and Oracle (E-Business Suite)

Written By Black Arrow Admin

Executive Summary

This month’s updates span Microsoft’s regular Patch Tuesday release, SAP’s Security Patch Day, large batches from Fortinet across network and endpoint products, targeted fixes from Ivanti for enterprise mobility/secure access, and a standalone Oracle Security Alert for E-Business Suite issued on 11 October. Prioritise actively exploited Windows issues (where present), SAP high and critical security notes, Fortinet gateway/endpoint components, Ivanti EPM/EPMM/Neurons platforms, and Oracle E-Business Suite where exposure is internet-facing.

Vulnerabilities by Vendor

  • Microsoft: 173 vulnerabilities including five critical-severity security defects and two flaws that have been exploited in the wild.Vulnerabilies affecting Windows (client/server), Office/SharePoint, .NET/Visual Studio, Azure services, and Microsoft Edge (Chromium). Prioritise patches addressing any actively exploited items and Critical RCE/EoP paths in Windows and server components.

  • SAP: 16 new and updated patches as part of its monthly rollout, across on-prem and cloud product families (e.g., NetWeaver, S/4HANA, Business Objects). Prioritise High/Critical security notes and authentication/authorisation weaknesses.

  • Fortinet: 29 advisories across FortiOS/FortiProxy, FortiDLP, FortiClient, FortiIsolator, FortiPAM, FortiManager/Analyzer, FortiADC/FortiWeb and others. Prioritise High/Critical items on perimeter firewalls, proxies and endpoint agents; review PSIRT entries for products you operate.

  • Ivanti: Several updates across Endpoint Manager (EPM), End Point Manager Mobile (EPMM) and Neurons. Prioritise High/Critical updates for EPM and EPMM; apply latest EPM/EPMM and Neurons updates if not yet deployed.

  • Oracle (E-Business Suite only): 1 vulnerability (Security Alert CVE-2025-61884, released 11 October 2025), affecting E-Business Suite 12.2.3–12.2.14. Vulnerability is remotely exploitable without authentication; prioritise immediate patching on any externally accessible instances.

What’s the risk to me or my business?

The presence of actively exploited zero-days and critical RCE/privilege escalation vulnerabilities across major enterprise platforms significantly elevates the risk of data breaches, lateral movement, malware deployment, and full system compromise.

What can I do?

Black Arrow recommends promptly applying the available security updates for all affected products. Prioritise patches for vulnerabilities that are actively exploited or rated as critical or high severity. Regularly review and update your organisation's security policies and ensure that all systems are running supported and up-to-date software versions.

Sources:
1 Microsoft — https://msrc.microsoft.com/update-guide
2 SAP — https://support.sap.com/en/my-support/knowledge-base/security-notes-news/october-2025.html
3 Fortinet — https://www.fortiguard.com/psirt
4 Ivanti — https://www.ivanti.com/blog/october-2025-security-update
5 Oracle — (E-Business Suite Security Alert CVE-2025-61884) — https://www.oracle.com/security-alerts/alert-cve-2025-61884.html

 

Black Arrow Admin
Previous

Black Arrow Cyber Threat Intelligence Briefing 17 October 2025
Next

Black Arrow Cyber Threat Intelligence Briefing 10 October 2025