Oracle to issue 41 security patches

As with every release, Oracle is imploring administrators to install the patches as soon as possible.

Jaikumar Vijayan (Computerworld (US)) 12 January, 2009 08:06

Oracle will issue 41 security patches this week addressing vulnerabilities across "hundreds" of its products, the company said in a pre-release announcement.

More than 15 of those patches address flaws that were described by the company as being remotely executable without the need for authentication -- a class of vulnerability to which Oracle usually assigns its highest severity rating. Of these, nine are slated for Oracle Secure Backup, two for its Application Server product and five for its BEA Product Suite.

The company's Critical Patch Update next week will also include fixes for 10 vulnerabilities in its database products. None of these exploits, however, can be taken advantage of remotely without the attacker having access to a username and password first, the company said.

Among the affected products that were listed by Oracle in its pre-announcement were multiple versions of its database going back to Oracle database 9i, its E-business suite products and several versions of Oracle's WebLogic Server and Portal products.

The number of patches being released by Oracle in this round is about the same as the last quarter, when the company issued 36 security fixes.

By Oracle's standards those number are relatively small. There have been occasions when the company has issued considerably more patches in its quarterly updates. Its January 2006 update had 82 patches, while the same year's October update had 101.

As with every release, Oracle is imploring administrators to install the patches as soon as possible. But if history is any indication, a large number of the database patches, at least, are unlikely to be installed in a hurry.

A study of 305 database administrators released in January 2008 by security vendor Sentrigo found that two-thirds of those surveyed did not install Oracle's security patches at all, no matter how critical the vulnerabilities were.

Most appeared to be reluctant to bring production environments down for any length of time to implement security patches and were also concerned about the possibility of the fixes breaking applications.

Computerworld Buyer's Guide - Vendors Matched to this Article

HAL Data Services , Dimension Data , SafeNet , Revelation Software , GFI , Sagem

More about , BEA, Oracle

Comments

Post new comment

Have your say!

Computerworld Buyer's Guide - Vendors Matched to this Article

HAL Data Services , Dimension Data , SafeNet , Revelation Software , GFI , Sagem

Discussions on The Computerworld Forum

Whitepapers

Read up on the latest ideas and technologies from companies that sell hardware, software and services.

Zones

Zones provide focussed content from Computerworld and leading technology partners.

Newsletter Subscription

RSS Feeds

Computerworld Today

Show all RSS feeds

More >

Computerworld Webinar

Thursday, June 11th, 2009
10:30am EST (Sydney, Australia)
Screening at your PC

Computerworld is hosting a 30 minute live webinar to help you to learn how unified communications can save you money, foster innovation and business agility by making it easier for people to find, reach and collaborate with one another.

Register Now

+

Savings do add up: How organisations are saving thousands by adopting Unified Communications and Collaboration. 15 June, 2009 12:01

This week's CW Live podcast features a discussion between Audrey William, research director at research firm Frost & Sullivan Australia, and Craig Campbell, business unit executive for Integrated Communications Services at IBM Australia / New Zealand on why companies are adopting unified communications, and whether there is any benefit to hosting a unified communications solution in the cloud.

[ MP3 (2.22 MB) | Windows Media (2.26 MB) ]
+

Storage Virtualisation: Increasing Information Availability and Lowering Costs 02 June, 2009 12:36

This week's CW Live features a discussion between Dr Kevin McIsaac, IBRS Research's Advisor for Virtualisation and Craig McKenna, Consulting Technical Leader, System Storage, for IBM's Growth Markets division, on why storage virtualisation is key to an organisation's information management plan.

[ MP3 (4.62 MB) | Windows Media (4.69 MB) ]
+

Computerworld Live Podcast #100: Enterprise Cloud Computing and Network Virtualisation 25 March, 2009 13:46

CW Live speaks with Matthew Zanner, HP ProCurve worldwide director of datacentre solutions, about how cloud computing is changing the way IT professionals are designing their networks and running their datacentres.

[ MP3 (3.25 MB) | Windows Media (2.48 MB) ]
+

Computerworld Live Podcast #99: Reducing the Costs of Enterprise Mobility 28 January, 2009 10:43

CW Live speaks with Mark Thompson, Global Sales/Marketing Manager for HP's ProCurve Networking Business, to discuss strategies for reducing the cost of enterprise mobility, including tips on securing a wireless network, smart network design strategies, and advice for simplifying the management and support of wireless networks.

[ MP3 (3.63 MB) | Windows Media (2.77 MB) ]
+

Computerworld Live Podcast #98: The Future of Datacentre IP 18 December, 2008 10:33

CW Live speaks withLin Nease, Director of Emerging Business for HP ProCurve, to discuss the future of networks, including the effect of IP-based storage on datacentres, new capacity requirements generated by the use of 10Gb Ethernet, and how an efficient network design can slash energy and cooling costs, and help enterprises build a "green" image.

[ MP3 (5.45 MB) | Windows Media (4.15 MB) ]

More >

Customer Experience Management: Improving the Consistency and Quality of Customer Interactions

Don't let your customers have a bad experience. Customer experience management (CEM) research from Ventana highlights the failures of traditional CRM and indicates many companies are hearing the message, but few have implemented the processes and technology to make it a reality. Download the report today!

Enterprise IT Buyer's Guide

Find Technology Vendors Fast

Find vendors by name | Find by category

Comments

Post new comment

Savings do add up: How organisations are saving thousands by adopting Unified Communications and Collaboration. 15 June, 2009 12:01

Storage Virtualisation: Increasing Information Availability and Lowering Costs 02 June, 2009 12:36

Computerworld Live Podcast #100: Enterprise Cloud Computing and Network Virtualisation 25 March, 2009 13:46

Computerworld Live Podcast #99: Reducing the Costs of Enterprise Mobility 28 January, 2009 10:43

Computerworld Live Podcast #98: The Future of Datacentre IP 18 December, 2008 10:33

Windows 7 Experts, Ensyst, Give Update On Real World Trials Of Microsoft’s New Operating System 10 July, 2009 10:00

North East Water to transform the customer experience with Gentrack Velocity 10 July, 2009 09:45

Acronis launches integrated deduplication and backup & recovery solution 09 July, 2009 15:46

Mindjet adds to visual collaboration leadership team with new Vice President of Marketing 09 July, 2009 14:34

Kordz Releases "immortal" HDMI Cable 09 July, 2009 14:26

Customer Experience Management: Improving the Consistency and Quality of Customer Interactions

Buying Guides

Latest Products

Buying Guides

Latest Products