You are here: silicon.com > Software > Security Strategy

Security Strategy

Fixes for 33 flaws: Oracle goes patch-tastic

'You are really spoiling us... '

Tags: flaw, patch, oracle

Printer Friendly Email Story RSS

By Joris Evers

Published: 19 October 2005 08:50 GMT

Oracle on Tuesday released fixes for a laundry list of security vulnerabilities in many of its software products.

The "Critical Patch Update", part of Oracle's quarterly patch release cycle, delivers fixes for 33 flaws in Oracle's Database products, 14 in its Application Server, 13 in the Collaboration Suite, 22 in E-Business Suite and Applications, four in PeopleSoft's PeopleTools, and two in JD Edwards software.

Several of the flaws carry Oracle's most serious rating, which means they are easy to exploit and an attack can have a wide impact, according to the alert. Symantec said in an alert to users of its DeepSight intelligence service: "The most severe of the vulnerabilities could possibly expose affected computers to complete compromise."

Oracle doesn't provide many details in its advisory, which could be a challenge for users when prioritising patches, Pete Finnigan, a security specialist, wrote on his blog. "The descriptions for all the bugs except for the database section give nothing away whatsoever," he said.

Oracle has been criticised for dragging its heels on fixing security flaws and being unresponsive to researchers who find bugs. In response, Oracle's chief security officer, Mary Ann Davidson, said security researchers can be a problem when it comes to product security.

Joris Evers writes for CNET News.com

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
In
Applications

Operating Systems

SOA/Web Services

Malware

Security Strategy


Related Links

Oracle snaffles up MySQL's buddy

Oracle: 'We'll crush Salesforce, not buy them'

Ellison's ambitions for $30bn Oracle

Oracle mulls support for rival databases

Oracle lines up 37 fixes

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business

Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business

UK ID cards rollout hit by delay as launch date revealed

Bletchley Park's World War Two codebreakers in their own words

'You're responsible for your own wi-fi security' say ISPs

'UK must up privacy safeguards following Phorm'

The top 10 technologies you need to plan for next year


  • Jobs
Technical Analyst - SMS, SCCM, WSUS - Patch & Release

The role will involve the assessment of vulnerabilities, patch testing and application deployment via remote systems such as SMS/SCCM, WSUS and ...

QA Specialist- Temp to Perm

PHP or .NET, enough to identify them as the source of bugs Please apply ASAP Skills needed Intermediate knowledge of HTML, CSS, and XML, to help ...

Information Security Analyst - ISO27001, IT Systems compliance

You will also be responsible for building, configuring and deploying network hardware and applications, re-cabling, desk moves, management reporting ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.

JD Edwards Spotlight Video

CEO Dashboard Management: Why Creating Visual Reports You Can't Hide From Will Help...

Virtual Private Servers (VPS)

Looking for a fast payback? 10 Minutes with Free Tool Can Save Thousands

Martin Brokers cashes in on back-up swap

VocaLink makes virtualisation pay

Sony Pictures sets sights on best IT Oscar

Co-op Group kicks "server sprawl" into touch

Arts Council gets tech troubleshooting boost

Torex tech treats Thorntons to quicker sales

Stories from the web...


eBay app lets users bid from a BlackBerry

ID card database: 500 names added in first month

Women in IT: Tech has an image problem

Tesco Mobile to get a taste of Apple's iPhone

Marketing chiefs: Are you spamming your customers?

IT skills shortage squashed by recession?




Quick Sitemap Links: