WatchGuard Wire
Improve Your Security IQ
Oracle fixes 37 security vulnerabilities
Yesterday, Oracle released the first of their quarterly security patches. This hulking update fixes 37 vulnerabilities found in many of their products.
While Oracle's advisory seems packed with information presented in numerous tables and appendices, it actually contains very little technical detail. Most of this advisory's meat resides in its risk matrices (located in the advisory's appendices). Here you learn which applications each flaw affects; whether attackers can exploit them locally or over a network; and the general impact of each flaw (given only as a one-word impact rating). However, don't expect to learn exactly what triggers every flaw, nor exactly what an attacker can do after exploiting them.
Technical details aside, Oracle's advisory still clearly expresses your need to patch. Oracle's advisory describes many of these vulnerabilities as "Easy" to exploit with a "Wide" impact. I assume this means that at least one of them potentially allows a remote attacker to execute code. If you use any of Oracle's products, check out their January security advisory and apply any updates that correspond to the products you use. -- Corey Nachreiner
Copyright© 2010 WatchGuard® Technologies, Inc. You may copy and distribute this article freely in any medium as long as you copy and distribute the entire article without change and preserve this copyright statement and notice.
|
