Short answer, yes.
From Internet News:
Four times a year Oracle releases its Critical Patch Update (CPU), which often reveals database flaws numbering in the double digits. But for users who want to take additional steps to secure their Oracle databases, rather than wait for the quarterly CPU, there are other options.
This week, database security vendor Sentrigo will release an update to Hedgehog, a security solution that defends against unauthenticated attacks launched against Oracle databases.
According to Slavik Markovich, founder and CTO of Sentrigo, many of the SQL injection attacks and other attacks that exploit vulnerabilities in Oracle don’t require user authentication.
“Some of the vulnerabilities that were recently patched in the latest Oracle CPU belong to that group, and since many enterprises do not immediately apply those CPUs and sometimes never apply them for various reasons, they remain vulnerable,”
Read on for the full article.
[tags]Oracle Security, Oracle Database Security, Database Security[/tags]
