Oracle updates



I normally don’t follow updates for Oracle, as I don’t have an installation running Oracle to support. Right now, I’m quite glad of that… The Security Fix is talking about the 82 patches they released Tuesday in their quarterly patch release. The fact that they released 82 patches is not what’s disturbing though. According to the article, Oracle claims that 75% of their patches come from internally reported vulnerabilities….


In the article, Brian talks to several people that had reported vulnerabilities issued by these patches. Among the three researchers, there are still 137 unpatched vulnerabilites (some of those going back a couple years.) So, if those 137 represent only 25% of reported vulnerabilities…. yikes…. what’s worse, is I suspect those aren’t the only people looking at Oracle databases.

Kind of makes you worry about identity theft doesn’t it?

   Send article as PDF   

Similar Posts