Oracle Announces Mega Critical Patch Update

Oracle is set to issue security patches for 66 vulnerabilities under its first Critical Patch Update for the year

. The latest patch addresses vulnerabilities in Oracle Database Server, Secure Backup, audit vault, fusion middleware, enterprise manager grid control, Oracle applications, industry applications, supply chain products suite, PeopleSoft and JDEdwards suite, Sun products and open office. Many developers rank vulnerabilities as critical, high and medium risk vulnerabilities. Oracle uses Common Vulnerability Scoring System (CVSS) scoring to rate the vulnerabilities.

The vulnerabilities related to audit vault, JRockit, Solaris and Weblogic Server received the highest score of 10. A remote attacker can exploit the vulnerability in audit vault bypassing any authentication requirements. More than half of the 66 vulnerabilities addressed by Oracle are exploitable by remote attackers without entering any authentication parameters. The patch addresses 21 vulnerabilities associated with various Sun products. The vulnerabilities affect VM virtual box, Solaris, java system portal server, java system communication system java system message queue and SunMC among others. Often, ethical hacker certified professionals detect vulnerabilities in products and applications. The huge security patch by Oracle is in sheer contrast to light security patch announced by Microsoft on the first second Tuesday of the year.

Exploitation of vulnerabilities adversely affects the confidentiality, availability and integrity of data and disrupts the services provided by the affected application. Attackers may gain unauthorized access to privileged databases associated with the compromised applications. Online computer training is crucial to educate employees on the possible implications of a data breach. Awareness of safe computing practices, precautionary measures, incident handling and first responder procedures may help in reducing security breach incidents.

The proactive nature of threats in the IT environment makes it inevitable for IT professionals to constantly upgrade their skills by attending workshops, undertaking security certifications, keeping track of the developments in IT security, sophisticated attack mechanisms used by offenders and security advisories by developers. The combination of technical know-how and awareness of latest threats may help professionals pre-empting threats and securing the IT apparatus of an organization.

by: Peter M

POST COMMENT

Updates on Key Issues Facing Your Practice Update Your Living Room Now Inexpensive Ways To Update Your Wardrobe Get latest updated Domain News Here Should You Update Your Fillings? VAT Update Volkswagen Eos Update Update Your Pattern Making Skills Update on Base Village in Snowmass, Colorado Sound Card Driver Update - A Fine Simplistic Way to Accomplish the Update Jagdish Tytler: Update Of 1984 Case Updates To The Cymbal World New Seller Financing Laws ~ Safe Act and HR 4173 Update ~ Is It Good News For Seller Financing?