Oracle Patches Flaws on Various Products

Oracle Patches Flaws on Various Products

Softwarecompany Oracle has circulated critical patches covering a range of its products such as Oracle Database 11g, 9i, Oracle E-Business Suite Release 12,11i, Oracle WebLogic Server 9.0 8.1 and Oracle JRockit. The firm advised users to install the updates as soon as possible.   
 

Oracle stated, "Until you apply the CPU fixes, it may be possible to reduce the risk of successful attack by restricting network protocols required by an attack. For attacks that require certain privileges or access to certain packages, removing the privileges or the ability to access the packages from unprivileged users may help reduce the risk of successful attack. Both approaches may break application functionality, so Oracle strongly recommends that customers test changes on non-production systems. Neither approach should be considered a long-term solution as neither corrects the underlying problem."

 

Oracle is among several IT companies plagued with flaws today. Adobe and Microsoft recently released their own patches for products embedded with a variety of vulnerabilities.

 

Forrester Research principal analyst Natalie Lambert said, "In an ideal world it would make sense for the IT companies to co-ordinate their patch releases, but this is not always possible, if there is a live exploit."