Rich Mogull
Rich Mogull
mass mean oracle security
Oracle has not yet experienced a mass security exploit, but this does not mean that one will never occur.
appearing code critical discovered exploit increasing oracle regularly tools
Critical Oracle vulnerabilities are being discovered and disclosed at an increasing rate, and exploit tools and proof-of-concept code are appearing more regularly on the Internet.
due legacy longer oracle practices ties versions
Moreover, patching is sometimes impossible, due to ties to legacy versions that Oracle no longer supports. These practices are no longer acceptable.
begin considered database longer managers oracle protecting shows systems
(This) shows Oracle can no longer be considered a bastion of security. Database and application managers must begin protecting and maintaining Oracle systems more aggressively.
addressing apply attack case exposed patch possible recommend shield themselves until users
We recommend that users shield themselves before addressing vulnerabilities, but in this case they can't apply a shield and are exposed to possible attack until the patch is applied.
allowing alone cause database easily great include mass mean oracle products range rated remote security update
The range and seriousness of the vulnerabilities patched in this update cause us great concern. The database products alone include 37 vulnerabilities, many rated as easily exploitable and some potentially allowing remote database access. Oracle has not yet experienced a mass security exploit, but this does not mean that one will never occur.
assumption large percent predict quarter second since updated
We've since updated this assumption and now predict that by the second quarter of 2006, 85 percent of large enterprises will have initiated encryption projects.