Today SAP has released another batch of its security notes, a regular event which happens every second Tuesday of the month. The total number of notes this month is 32, of which 18 have been released today. The other 14 notes have been released in the course of the past month. Those notes generally concerned re-releases. 

Since it is the second tuesday of the month, SAP has again published a new set of notes to patch vulnerabilities found in its software. Over the course of the month, counting from the last patch tuesday, a total of 30 new notes were published. Today, half of those notes were posted. 

It’s the second Tuesday of the month and another set of SAP Security Notes has been released. Since the previous Patch Day in August, SAP has released 32 notes, including 16 out-of-date and another 16 released this morning. One striking observation is that this is the fifth month in a row without a Hot News note; the highest category for notes based on risk. In addition to that, for the three high-priority notes, two of them are updates for a July note and the other one only affects a single country making the risk much smaller.

It’s the second Tuesday of the month, meaning another round of monthly SAP notes have been released. Below is our monthly analysis regarding the SAP vulnerabilities fixed, to help you keep your ERP environment safe and protected. For another month, there are no new notes tagged as Hot News, now making a four month streak in which notes of this severity are absent. There is still a need for action however, since three notes were reported as having High priority.

Today, SAP released their monthly security notes. This month, there are 23 new SAP notes that contain new switchable authorization checks in RFC, and 7 SAP notes for missing authorization checks. This month’s security notes also includes 29 note updates from previously published security notes. Taking into account that only 3 notes are considered high priority, it is safe to assume that October is not a ‘risky’ month. Nevertheless, many of this month’s notes require manual activation in order to ensure that they are fully effective in securing SAP.

SAP is a complex and ever changing system, whether because of changes introduced to your SAP implementation to better suit your business or through the application of Security Notes (Patches) to ensure that newly disclosed vulnerabilities are mitigated.

SAP is a complex and ever changing system, whether because of changes introduced to your SAP implementation to better suit your business or through the application of Security Notes (Patches) to ensure that newly disclosed vulnerabilities are mitigated.