http://www.computerworld.com/s/article/9205560/Oracle_patching_fewer_database_flaws_as_it_adds_more_products By Jaikumar Vijayan Computerworld January 19, 2011 Oracle Corp.'s ability to address vulnerabilities in its core database technologies may be hampered by the vast number of products the company now must manage, security experts say. For example, the list of Oracle's quarterly security updates released Tuesday includes only six patches for security flaws in the company's flagship database products. The other 60 patches released fix bugs in Oracle's Fusion middleware technologies, its supply chain and CRM software and products gained from its acquisition of Sun Microsystems early last year. The small number of database patches doesn't necessarily mean that the Oracle technology is becoming more secure, said Alex Rothacker, director of security at Application Security Inc.'s Team Shatter vulnerability assessment group. Rather, it likely shows that the company doesn't have the capacity to fix the full list of Oracle database flaws reported to it in a timely fashion, said Rothacker, whose team of researchers discovered three of the six database flaws addressed in this week's update. [...] ___________________________________________________________ Tegatai Managed Colocation: Four Provider Blended Tier-1 Bandwidth, Fortinet Universal Threat Management, Natural Disaster Avoidance, Always-On Power Delivery Network, Cisco Switches, SAS 70 Type II Datacenter. Find peace of mind, Defend your Critical Infrastructure. http://www.tegataiphoenix.com/Received on Thu Jan 20 2011 - 03:10:46 PST
This archive was generated by hypermail 2.2.0 : Thu Jan 20 2011 - 03:17:54 PST