Researcher: Oracle Patch Set Flawed Again
Lisa Vaas writes in eWeek:
A security researcher has reported that Oracle's most recent quarterly cumulative patch update, released on Tuesday, leaves some flaws exploitable.
David Litchfield, a security research with Next Generation Security Software Ltd., was in the process of auditing the CPU when this story was posted.
Litchfield on Wednesday evening posted to BugTraq a message saying that the patch is still lacking.
"Having downloaded and given the Oracle October patch a cursory examination, some of the flaws Oracle told me were being fixed, remain exploitable," he wrote. "Once again the patch is not sufficient. I will conduct a full investigation of the patch over the coming few days and post some recommendations once complete."
0 Comments:
Post a Comment
<< Home