Oracle made an announcement the pre release of patch program that would be publication. Totalling 55 patch prepared to improve the bug on the database software and the other software.
55 patch that prepared, 24 patch being aimed for bugs that could be exploited in remote. Generally, some bugs that categorised by Oracle as the “remote exploitation without authentication” considered as the critical threat by vendor and security researcher.
As for Oracle products that must be repaired, Oracle Database, Oracle Enterprise Manager, Application Server, PeopleSoft Enterprise and JD Edwards EnterpriseOne, E-Business Suite and Applications. The other product that must be repaired also including Oracle Collaboration Server.
Based on the further notification that publish in their site, Oracle said will release this patch went through Critical Patch Update on Tuesday, January 16 2007.
Considering the bug that exploited the Oracle software quite a lot, the Symantec security vendor suggest to the user of management system of DeepSight threat to immediately download this patch program. “Because some of bugs were it was thought critical, the customer suggested to allocate their resource to immediately download and tested the patch” said Symantec.
In The Meantime Oracle hoped the announcement of the prerelease that publication could help their customer. “Our hope, this announcement of the pre release could become valuable tool to help professional security in analysing CPU critical and simply their management” said Duncan Harris, senior director of Oracle security insurance.
Oracle Critical Patch Update could be download in Oracle Site.
