Oracle Patches Two Dozen Flaws

[ Thanks to Naomi Graychase for this link. ]

"A CVSS 10.0 score means that if the flaw is exploited, an attacker can take full control of the vulnerable system. There is a catch with this highly critical database flaw, though: Microsoft Windows users are more at risk than Linux or Unix users. Maurice noted that for Linux and Unix deployments, the CVSS score for the same vulnerability is only 7.5, since a full compromise all the way to the operating system level isn't possible on those systems.

"On a year-over-year basis, the January 2010 CPU patch haul actually represents a decline from the 41 flaws Oracle reported in January 2009.

"Still, at least one database security professional still sees cause for concern. "

Complete Story

Related Stories:

• On Selling Exceptions to the GNU GPL(Jan 11, 2010)
• MySQL, Oracle And Cloud Computing(Jan 09, 2010)
• Monty Widenius wants another billion dollars, should we help him?(Jan 06, 2010)
• How will MySQL fare under Oracle?(Jan 04, 2010)