Oracle Rolls Out Major Security Patch
Author: Dave Lewis
Just in case you might have missed it, Oracle released an major security update yesterday. The patch contains 43 fixes.
I’m wondering, how many people diligently apply these patches? Frequently I see environments where the database is long overdue for a patch set. How about your environment?
From Network World:
Sixteen of the patches are for various database versions. The most severe vulnerability, which affects versions 9.2.0.8 and 9.2.0.8DV, “can potentially allow an attacker to gain full control of a vulnerable server,” according to a post on Oracle’s global product security blog. Other patches are for various 10g and 11g versions.
For a run down of the problems addressed, here are a list of the advisories from Secunia.
Oracle Products Multiple Vulnerabilities | Secunia
Oracle BEA WebLogic Products Multiple Vulnerabilities | Secunia
Oracle BEA WebLogic Portal Privilege Escalation | Secunia
For the full CPU posting from Oracle you can find that here.
