Cyber Security Institute
§ Current Worries
Top 3 Worries
- Regulations
- Old Firewall Configurations
- Security Awareness
§ Listening
For the best information
- The underground
- Audible
- Executive Excellence
- Music (to keep me sane)
§ Watching
For early warnings
- 150 Security Websites
- AP Newsfeeds
- Vendors
Wednesday, October 11, 2006
Oracle commits to rating vulnerabilities
Database maker Oracle announced that the company’s quarterly Critical Patch Updates (CPUs) will give administrators more guidance by providing a summary of the flaws fixed in the update and grading the threat posed by each issue. The company will grade the severity of each flaw using the Common Vulnerability Scoring System (CVSS), highlight flaws that are remotely exploitable by an unauthenticated user and summarize the vulnerabilities fixed by a patch.
“Oracle introduced these changes as the result of feedback we received from many of our customers,” Eric Maurice, manager for security in the company’s Global Technology Business Unit, stated in the blog.
“We hope that these changes will help our customers assess the criticality of the vulnerabilities resolved with each CPU and help them obtain patching decisions from their senior management more quickly.”