Oracle patch continues security concerns

News Analysis

Oracle patch continues security concerns

Oracle has issued a critical security patch for its E-Business Suite software two months ahead of the company’s next scheduled security update.

The patch fixes a number of vulnerabilities in the Oracle Diagnostics troubleshooting component of E-Business Suite 11i.

The problems are understood to relate to Oracle Diagnostics web pages and to Java classes included with the software, which could be used inappropriately by an attacker. According to software consulting firm Integrity, the issue with the Oracle diagnostics is that some of them can be executed without any authentication.

Oracle has been issuing quarterly security updates for about a year, and it is believed the latest vulnerability is serious enough to prompt issuing the latest patch early and to speed up adoption. Oracle's next security update is scheduled for 18 April.

Not so long ago, Oracle’s security would have been a non-issue among the security community. Now, its applications are under the spotlight, and will be for some time until the company is seen to be more overtly security-focused.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy