Oracle pre-releases patch data

By Dave Bailey

16 Jan 2007

Be the first to comment

A Computing logo
security logo

Oracle has started to pre-release patch update information for its software, notifying users of no less than 52 new critical updates that it formally issued today.

Oracle pre-released the patch update information on Thursday, saying that there are “27 new security fixes for Oracle Database products, 10 of which may be remotely exploitable without authentication”.

Further reading

For Oracle’s Application Server, there were 12 patches of which three-quarters were remotely exploitable.

However, the chief executive of Oxford-based database and application assurance vendor Secerno, Paul Davie, warned that although this was a step in the right direction, “users need to beware : it’s not the vendor vulnerabilities they need to focus on but the critical weaknesses in their development processes”.

Secerno pointed out that patch management of database flaws is only part of the problem, and warned that badly written web applications for database access are a key cause for concern, especially SQL injection attacks, which can be used to gain complete control of SQL databases.

Sans Institute senior security analyst Ed Skoudis said that his organisation's penetration testing operations “discover SQL injection flaws in approximately 40 percent of the applications we analyse”.

Reader comments

Add your comment

Have your say on this article

All fields required. Your email address will not be displayed on the site.

By submitting a comment you agree to abide by our Terms & Conditions

Submit
  • Digg
  • Tweet

Newsletters

Sign up for our FREE newsletters

Latest stories from Security Technology

Related white papers

Latest videos

You may also like

Security Technology jobs

Today's top stories

cloud-security-concept

Microsoft and friends to push open data standard at OASIS

Francis Maude

G-Cloud framework for SMEs launched by Cabinet Office

cookies

EU cookie implementation deadline is today

Technology Patent Wars

Large companies such as Microsoft, Facebook and Google have been hoovering up technology patents recently. Is this stifling innovation?

88 %

5 %

7 %

Case studies & reports

IBM

Cloud computing insights from 110 implementation projects

Case studies from large organisations across all sectors

Cisco

The lesson of 2012: prepare now for increased data volumes

... And rich media, and flexible working, and peaks in traffic ...

More case studies and reports

Upcoming Events

Gain better control of your data with enterprise database consolidation

Stacks in a datacentre

Join us for this Computing web seminar, in which the Head of BI at the Co-operative Group Nick Colebourn will be explaining just how he reigned in the Group’s sprawling database estate and how significant savings were realised and data quality improved as a result.

Date: 31 May 2012

Time: 11:00 AM

Top 10 causes of IT disasters – and how to deal with them

Concept image of data backup with life preserving floating on background of binary data

Live June 13th 11:00am: Register now. During this web seminar we will be looking at the sorts of incidents that can bring data centres grinding to a halt and what can be done about them.

Date: 13 Jun 2012

Time: 11:00 am

More events

Job of the week

More IT Jobs

IT job alerts

Receive the latest jobs direct to your inbox

Sign up

IT job finder

IT salary checker

Are you being paid what you are worth?

Check Salary
  • Sign up for Computing email newsletters
  • Computing for mobiles
  • RSS feeds
  • Follow Computing on Twitter
  • Browse Computing videos on You Tube
  • Join Computing.co.uk on Linked In
  • Computing's free Android tablet app
  • Computing's free iPad app

© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

About us:

Subscribe:

Community:

Related sites:

Jobs:

Accreditations: