Oracle patch continues security concerns

News Analysis

Oracle patch continues security concerns

Oracle has issued a critical security patch for its E-Business Suite software two months ahead of the company’s next scheduled security update.

The patch fixes a number of vulnerabilities in the Oracle Diagnostics troubleshooting component of E-Business Suite 11i.

The problems are understood to relate to Oracle Diagnostics web pages and to Java classes included with the software, which could be used inappropriately by an attacker. According to software consulting firm Integrity, the issue with the Oracle diagnostics is that some of them can be executed without any authentication.

Oracle has been issuing quarterly security updates for about a year, and it is believed the latest vulnerability is serious enough to prompt issuing the latest patch early and to speed up adoption. Oracle's next security update is scheduled for 18 April.

Not so long ago, Oracle’s security would have been a non-issue among the security community. Now, its applications are under the spotlight, and will be for some time until the company is seen to be more overtly security-focused.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy