You are here: silicon.com > Software > Security Strategy

Security Strategy

Oracle issues product security fix

And says 'read all about it!'...

Tags: oracle

By Dawn Kawamoto

Published: 1 March 2006 08:20 GMT

Oracle has issued an upgrade to its E-Business Suite 11i diagnostics module containing a number of security fixes, according to an alert from applications security firm Integrigy.

In releasing the upgrade, Oracle took an usual move by alerting its users about the security patches, according to Integrigy's advisory. Historically, the software maker has released product upgrades but not disclosed whether they included security fixes, Integrigy noted.

The Diagnostics Support Pack February 2006 with Oracle Diagnostics 2.3 RUP A aims to address security flaws in Oracle diagnostics web pages and Java classes, according to Integrigy. Oracle diagnostics, a troubleshooting module of Oracle E-Business Suite 11i, is designed to allow IT administrators to conduct tests when configuring and setting up applications.

According to the Integrigy report: "The significant [security] issue is [that] some diagnostics can be executed without any authentication, and it is possible to configure the diagnostics to be unrestricted."

The security patches are designed to limit access to the diagnostics tests.

Although the company releases quarterly security updates, "Oracle has not previously provided customers a notification that security fixes were included [in an upgrade]," Integrigy noted in its report. "We believe Oracle is encouraging customers to upgrade to the latest support diagnostics as a way to improve technical support and... accelerate the adoption of the diagnostics patch."

Oracle's next quarterly security update is scheduled for 18 April.

Oracle was not immediately available for comment.

Dawn Kawamoto writes for CNET News.com

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business

Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business


  • Jobs
Technical Support Account Manager - Amsterdam

Serve as an advocate on behalf of customers for issues requiring code fixes, patches or feature requests.Follow all documented processes to ensure ...

Oracle Technical Consultant

Oracle E-Business Suite Upgrade through Maintenance Pack They bring to their clients a credible and experienced global leadership team driving ...

XenApp Administrator

Ensure the environment is current on service pack, patches, firmware updates, versions, and security fixes. Coordinate and perform monthly outage ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.





Quick Sitemap Links: