Wednesday

Oracle security patches are seldom applied



I know you've got lies, damned lies and statistics, but according to this survey from Sentrigo, two thirds have never installed Oracle Critical Patch Updates.

Be aware that the January 2008 Critical Patch Update from Oracle fixes 26 vulnerabilities by itself.

The two Application Server client fixes address severe vulnerabilities affecting JInitiator, a web browser extension that enables end users to run Oracle Forms Services applications within their browser. These two vulnerabilities have received a CVSS score of 9.3 because they could allow an attacker to gain full control of the targeted client (e.g. a laptop or workstation) at the Operating System level.
