Oracle patch clashes with Microsoft Patch Tuesday

Oracle has issued four critical patches just a day after Microsoft released its monthly Patch Tuesday Windows update.

Oracle has issued four critical patches just a day after Microsoft released its monthly Patch Tuesday Windows update.

In a notice on the database company's website, Oracle recommended that users apply the fixes as soon as possible.

The patches cover many Oracle products, including versions of Oracle Database 11g, 9i, Oracle E-Business Suite Release 12,11i, Oracle WebLogic Server 9.0 8.1 and Oracle JRockit.

Oracle said, "Until you apply the CPU fixes, it may be possible to reduce the risk of successful attack by restricting network protocols required by an attack. For attacks that require certain privileges or access to certain packages, removing the privileges or the ability to access the packages from unprivileged users may help reduce the risk of successful attack. Both approaches may break application functionality, so Oracle strongly recommends that customers test changes on non-production systems. Neither approach should be considered a long-term solution as neither corrects the underlying problem."

Last month Adobe was slammed for releasing a patch the same time as the March Patch Tuesday.

Natalie Lambert, principal analyst at Forrester Research, said, "In an ideal world it would make sense for the IT companies to co-ordinate their patch releases, but this is not always possible, if there is a live exploit." Instead she urged IT departments to create an internal schedule for testing and deploying patches.

Read more on Hackers and cybercrime prevention

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close