Hey, hey it's Oracle patching day
Quarterly update volley addresses 80 vulns
Posted in Security, 19th January 2006 08:43 GMT
Free whitepaper – Securing your Microsoft Internet Information Services (MS IIS) web server
Wednesday became a busy day for database administrators after Oracle released its quarterly patch update which, this time around, tackles more than 80 vulnerabilities in different Oracle software packages and components. Various flavours of Oracle database (37 security bugs), Oracle E-Business Suite and Applications (27), Oracle Collaboration Suite (20) and Oracle Application Server (17) are most in need of update.
The vulnerabilities might potentially be exploited by hackers to remotely execute hostile code on vulnerable systems or perform denial-of-service attacks. Other security flaws carry an information disclosure risk. Oracle's advisory contains a risk matrix designed to help security and database admins to access the potential seriousness of the flaws in their environment. Users of affected products are advised to install the corresponding updates sooner rather than later.
Useful overviews of these security problems have been put together by US CERT (here) and security notification firm Secunia (here). ®
Free whitepaper – Securing your Microsoft Internet Information Services (MS IIS) web server


Airport insecurity: the case of lost laptops
Reducing messaging and web security costs with managed services
Avoiding 7 common mistakes of IT security compliance
Extended Validation SSL Certificates
Feds: Hospital hacker's 'massive' DDoS averted
Microsoft knew of nasty IE bug a year before attacks
BlockMaster SafeStick hardware-encrypted USB drive