65 in 1
I missed this one a few days ago, but thought it ludicrous enough to mention anyway. Oracle just released their quarterly update patch. Looks like a lucky thing they did, seems it takes care of 65 discovered vulnerabilities, some 23 or so critical. I wonder what Martin McKeay and my friends on the Security Roundtable would say about this. Funny, I don't see anybody jumping up and down like they do when Microsoft puts out a patch. Take 3 months worth of Patch Tuesdays, and you have just about the same amount of patches here. Anybody want to tell me that Microsoft's record on these are worse than the rest of the industry? Here is another thing I don't understand, with all of the critical data kept in Oracle databases, why aren't their customers demanding better written software and more frequent updates. Quarterly updates is just not responsible or reasonable in today's atmosphere. This type of response I think screams for more public disclosure by people finding these holes.