TechTarget

Oracle patch continues security concerns

Oracle has issued a critical security patch for its E-Business Suite software two months ahead of the company’s next scheduled security update.

Oracle has issued a critical security patch for its E-Business Suite software two months ahead of the company’s...

next scheduled security update.

The patch fixes a number of vulnerabilities in the Oracle Diagnostics troubleshooting component of E-Business Suite 11i.

The problems are understood to relate to Oracle Diagnostics web pages and to Java classes included with the software, which could be used inappropriately by an attacker. According to software consulting firm Integrity, the issue with the Oracle diagnostics is that some of them can be executed without any authentication.

Oracle has been issuing quarterly security updates for about a year, and it is believed the latest vulnerability is serious enough to prompt issuing the latest patch early and to speed up adoption. Oracle's next security update is scheduled for 18 April.

Not so long ago, Oracle’s security would have been a non-issue among the security community. Now, its applications are under the spotlight, and will be for some time until the company is seen to be more overtly security-focused.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close