StillSecure, After All These Years: 65 in 1

July 22, 2006

65 in 1

I missed this one a few days ago, but thought it ludicrous enough to mention anyway. Oracle just released their quarterly update patch. Looks like a lucky thing they did, seems it takes care of 65 discovered vulnerabilities, some 23 or so critical. I wonder what Martin McKeay and my friends on the Security Roundtable would say about this. Funny, I don't see anybody jumping up and down like they do when Microsoft puts out a patch. Take 3 months worth of Patch Tuesdays, and you have just about the same amount of patches here. Anybody want to tell me that Microsoft's record on these are worse than the rest of the industry? Here is another thing I don't understand, with all of the critical data kept in Oracle databases, why aren't their customers demanding better written software and more frequent updates. Quarterly updates is just not responsible or reasonable in today's atmosphere. This type of response I think screams for more public disclosure by people finding these holes.

Posted at 11:13 PM in Martin McKeay, patching, Security Roundtable, vulnerability management | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d83451e4d369e200d83429a5d453ef

Listed below are links to weblogs that reference 65 in 1:

» Retrospect: The "Morning After Pill for Patch Tuesday" from Rational Security
I dredged this post up from my prior blog because I think it's interesting and relevant today given the current state of vulnerability management and patching. I wrote this entry almost a year ago on 9/15/05, and I thought I'd [Read More]

Comments

Lijit Search

disclaimer

The views and opinions expresed here are those of myself only and in no way represent the views or positions or opinions of my employer, Latis Networks, Inc. d/b/a StillSecure or anyone else.