Despite hefty Oracle CPU, expert fears unpatched DB flaws

Database Security Management

Email Alerts

Register now to receive news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Security Bytes: New Microsoft exploits in the wild

    The exploits target issues Microsoft patched earlier this month. Meanwhile, flaws are reported in Oracle for OpenView and a Mozilla Firefox keystroke logger is on the loose. 

  • Security Bytes: Cisco patches CS-MARS flaws

    Meanwhile, Metasploit creator H.D. Moore warns of a serious Internet Explorer flaw and Cisco may get more unwanted attention at the upcoming Black Hat conference. 

  • Security Wire Weekly: Oracle's Darius Wiles

    On this week's podcast, Senior News Writer Bill Brenner interviews Oracle's Darius Wiles about the database giant's vulnerability patching process and the criticisms levied against it. Plus the latest on Microsoft's plans to patch a PowerPoint proble... 

  • Oracle's summer update fixes 65 flaws

    Updated: The database giant released 250 patches covering myriad platforms such as Application Server, PeopleSoft and JD Edwards. But roughly 10 patches are on hold while quality issues are addressed. 

  • Oracle owns up to patching problems

    Database giant Oracle Corp. has faced mounting criticism of its security patching process during the last two years.

    Its quarterly Critical Patch Updates (CPUs) are typica... 

  • Symantec AntiVirus Corporate Edition vulnerable to flaw

    The vendor is investigating reports of a "high-severity" flaw in its AntiVirus Corporate Edition product. Attackers could exploit it to launch malicious code. 

  • Novell patches eDirectory buffer overflow vulnerability

    Novell has addressed a flaw in the iMonitor component of its eDirectory LDAP directory service that could be exploited to cause a denial of service. 

  • Oracle refuses to learn its lesson, experts say

    Oracle critics say the database giant sits on known flaws for too long, leaving its applications open to attack. Is it time for infosec pros to extract Oracle products? 

  • Oracle accidentally exposes flaw, exploit

    A database researcher says details about a high-risk privilege escalation vulnerability were mistakenly posted on Oracle's MetaLink site last week. There's no patch, but there are workarounds. 

  • Security Blog Log: Yahoo's click-fraud problem

    This week, security bloggers examined Yahoo's relationship with adware vendors, and the price Verizon paid for aggressive spam blocking. Also: Oracle's CSO starts a blog.