Doug Bidwell

• IBM i PTF Guide, Volume 27, Number 46

  November 17, 2025 Doug Bidwell

  Last week, we told you about two security vulnerabilities with Java on the IBM i platform, and this week we have another one that you need to cope with.

  This vulnerability is Security Bulletin: IBM i is affected by Remote Code Execution, Deserialization of Untrusted Data, and Improper Access Controls vulnerabilities in IBM Java SDK and IBM Java Runtime [CVE-2025-50106, CVE-2025-30749, CVE-2025-30761, CVE-2025-30754], and more information about it can be found here. Here are the remediation and fixes for this latest Java issue by IBM i release:

  IBM i Release	5770-JV1 PTF Number(s)			
  7.6	7.5		7.4		7.3
  SJ06886	SJ06885	

  …

  Read more

• IBM i PTF Guide, Volume 27, Number 45

  November 10, 2025 Doug Bidwell

  It has been a while since we saw new security vulnerabilities, and when you thought that, you jinxed the enter IBM i community. So thanks for that, and specifically, for the three new vulnerabilities we will tell you about now.

  First, we have Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM WebSphere Application Server and WebSphere Application Server Liberty due to the October 2025 CPU, which you can read more about here. The affected products are:

  Affected Product(s)			   Version(s)
  IBM WebSphere Application Server	   9.0
  IBM WebSphere Application Server	   8.5
  WebSphere Application Server - Liberty	   Continuous delivery
  

  Second, …

  Read more

• IBM i PTF Guide, Volume 27, Number 44

  November 3, 2025 Doug Bidwell

  Welcome to the IBM i PTF Guide, we start out this week with a security vulnerability. Specifically, we have Security Bulletin: IBM i is affected by a privilege escalation in IBM i SQL services [CVE-2025-36367], about which you can find out more at this link. IBM strongly recommends addressing the vulnerability now, with the following patches:

  IBM i Release	5770-SS1	PTF Number(s)
  7.6			        SJ07552
  			        SJ07650
  			        SJ07651
  			        SJ07652	
  7.5			        SJ07553
  			        SJ07653
  			        SJ07654
  			        SJ07655	
  7.4			        SJ07554
  			        SJ07656
  			        SJ07657
  			        SJ07658	
  7.3			        SJ07555
  			        SJ07659
  			        SJ07660
  			        SJ07661	
  7.2			        SJ07556
  			        SJ07662
  			        SJ07663
  			        SJ07664 
  

  And now, for downloads and drivers: Upcoming Migration of Secure File Transfer …

  Read more

• IBM i PTF Guide, Volume 27, Number 43

  October 27, 2025 Doug Bidwell

  In case you have been away on vacation or just fell asleep for a few weeks, we wanted to remind you that there are Technology Refreshes for the two most recent IBM i releases.

  IBM i 7.6 Technology Refresh 1 has a planned availability date of November 21, 2025 and you can find out more at this link. IBM i 7.5 Technology Refresh 7 has the same availability, and you can find out more here.

  Here is the rundown of PTF Groups by IBM i release level since we last published:

  PTF Groups 7.6:

  • QMGTOOLS
  • RPG Café
  • Visual

  …

  Read more

• IBM i PTF Guide, Volume 27, Number 42

  October 20, 2025 Doug Bidwell

  Just a reminder that IBM’s System Planning Tool Version 6.25.287.0 is available for download. You can get the feeds and speeds of SPT 4, 6, and 6 at this link and the download for the latest version at this link. This one has features for adding the “Spyre” AI accelerator to Power Systems, among many other updates.

  Other than that update to SPT, it has been a pretty quiet week here at the IBM i PTF Guide.

  Here is the rundown of PTF Groups by IBM i release level since we last published:

  PTF Groups 7.6:

  • HIPERs (High

  …

  Read more

• IBM i PTF Guide, Volume 27, Number 41

  October 13, 2025 Doug Bidwell

  I don’t know about you, but we figured there were Technology Refreshes coming, especially with IBM’s TechExchange 2025 developer conference going on last week. However, unlike in past years, we didn’t get any advanced warning. So check out the initial coverage of the new TRs for IBM i 7.5 and IBM i 7.6 and keep an eye out for the coming weeks of detailed drill-downs.

  There is also a pretty serious set of vulnerabilities in the IBM i platform that you need to deal with. Check out Security Bulletin: IBM i is affected by Remote Code Execution, Deserialization of Untrusted …

  Read more

• IBM i PTF Guide, Volume 27, Number 40

  October 6, 2025 Doug Bidwell

  Welcome to another edition of the IBM i PTF Guide. Let’s get right to it.

  This week we start off with new microcode for Firmware 1050. . . specifically for 1050.52 and 1050.60 levels. These service packs include the following Security/HIPER issues: A security problem was fixed for CVE-2025-52497 and CVE-2025-49087 and a security problem was fixed for CVE-2025-38556. This applies to IBM Power S1022s (9105-22B), Power S1022 (9105-22A), and Power S1014 (9105-41B) machines.

  There is also another security vulnerability in the integrated Apache Web server embedded in IBM i. See Security Bulletin: IBM WebSphere Application Server is affected …

  Read more

• IBM i PTF Guide, Volume 27, Number 39

  September 29, 2025 Doug Bidwell

  It is another quiet week in IBM i Land, where we once again have two security bulletins but also have a transition to end of support services for the Power S924.

  On the security vulnerability front, we have Security Bulletin: IBM i is affected by denial of service vulnerabilities in IBM WebSphere Application Server Liberty [CVE-2025-36097, CVE-2025-36047, CVE-2025-48976], which you can find out more here. Here are the patches for this issue by release:

  IBM i Release	5770-SS1 Option 3	PTF Number(s)
  7.6				        SJ06595
  7.5				        SJ06596
  7.4				        SJ06597
  7.3				        SJ06599	
  7.2				        SJ06601
  

  Second, we have Security Bulletin: IBM i …

  Read more

• IBM i PTF Guide, Volume 27, Number 38

  September 22, 2025 Doug Bidwell

  It’s another quiet week in Lake Security Vulnerabilities Be Gone, with the drought on the Eastern seaboard meeting a cold snap that is bringing autumn colors to the leaves a bit earlier than many had expected or liked. It is better than rain, mind you, except when it starts fires.

  The good news is that there were no security vulnerabilities this week. So all secure there if you are up to date.

  Here is the rundown of PTF Groups by IBM i release level since we last published:

  PTF Groups 7.6:

  • SAP support required PTF list for IBM i 7.6

  …

  Read more

• IBM i PTF Guide, Volume 27, Number 37

  September 15, 2025 Doug Bidwell

  This week in IBM i Land, we have two security bulletins, and new System Planning Tool adding the Power11 machines, and a bunch of new microcode. Let’s start with the security vulnerabilities as we always do.

  First, we have Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by a denial of service due to Apache Commons FileUpload (CVE-2025-48976). The affected products are:

  Affected Product(s)				Version(s)
  IBM WebSphere Application Server		9.0
  IBM WebSphere Application Server		8.5
  IBM WebSphere Application Server Liberty		17.0.0.3 - 25.0.0.8
  

  Second, we have Security Bulletin: IBM WebSphere Application Server Liberty could provide …

  Read more

Previous Articles Next Articles