Oracle has
released a critical security patch that is designed to fix more
than 20 security flaws across a range of its database, application
and collaborative server products.
The enterprise
software company has said it will release patches on a quarterly
basis - to help simplify security updates for users - and is
relying on third parties to alert it to security holes.
Many of the bugs
plugged in the latest security update were brought to Oracle’s
attention by security companies Red Database Security, Integrity
and NGSS.
Oracle has not
released full details of the holes and how they can be exploited,
but more information is expected to be made public once firms have
had a chance to download the patch from Oracle’s website.
Those systems
affected are:
Oracle Database
10g Release 1, versions 10.1.0.2, 10.1.0.3 and 10.1.0.3.1 Oracle 9i
Database Server Release 2, versions 9.2.0.4, 9.2.0.5 and 9.2.0.6
Oracle 9i Database Server Release 1, versions 9.0.1.4, 9.0.1.5 and
9.0.4 Oracle 8i Database Server Release 3, version 8.1.7.4 Oracle 8
Database Release 8.0.6, version 8.0.6.3 Oracle Application Server
10g Release 2 (10.1.2) Oracle Application Server 10g (9.0.4),
versions 9.0.4.0 and 9.0.4.1 Oracle9i Application Server Release 2,
versions 9.0.2.3 and 9.0.3.1 Oracle9i Application Server Release 1,
version 1.0.2.2 Oracle Collaboration Suite Release 2, version
9.0.4.2 Oracle E-Business Suite and Applications Release 11i (11.5)
Oracle E-Business Suite and Applications Release 11.0
More details are
available at:
www.oracle.com/technology/deploy/security/alerts.htm