Researcher lashes out at Oracle's security effort
René Millman writes in SC Magazine:
A vulnerability researcher has attacked Oracle for failing to tackle a number of flaws in its software products.
David Litchfield, managing director of security software company NGS Software, in an open letter to the company, said that it needs to "deliver and execute an effective security strategy that actually deals with problems rather than sweeping them under the carpet or waste time by blaming others for their own failings."
He slammed the way the company had reacted to patching a series of flaws in its database products, saying it took eight months to come up with fixes that still did not alleviate the problems.
"One would expect that, given the length of time they took to deliver, these security 'fixes' would be well considered and robust; fixes that actually resolve the security holes," said Litchfield.
"The truth of the matter though is that this is not the case."
0 Comments:
Post a Comment
<< Home