Is the Oracle Critical Patch Update for October 2010 Massive?

The news reports describing the October 2010 Oracle Critical Patch Update (CPU) are using terms like "giant", "massive", and practically every other known synonym for a really big security patch release.  These news reports must be resonating with CIOs and CSOs as Integrigy has received a number of client calls and a huge response to our upcoming webinars detailing this CPU.

Oracle Application Server Fastcgi Echo Vulnerability Reports

A potential and unconfirmed cross-site scripting (XSS) vulnerability in the Oracle Application Server has been reported on the Full Disclosure mailing list.  The vulnerability is in the FastCGI module delivered with the Apache httpd server that is incorporated into the Oracle Application Server.  Integrigy has not confirmed the vulnerability as the author has not released details but the author claims this XSS vulnerability is different than those previously fixed in the fcgi-bin echo programs.

Oracle CPU Dates Shifted by a Week in 2011

Oracle has announced a slight change to the release schedule for Critical Patch Update (CPU) releases starting in 2011.  Rather than release on the Tuesday closest to the 15th of the month, now it will be the Tuesday closest to the 17th.  The intention of this shift is to provide more of a buffer for the January release to accommodate year-end close and vacations around the Christmas and New Years holidays.  Therefore, some of the CPU release dates have shifted by a week.

Webinar: Oracle E-Business Suite Security Risks Primer for Internal Auditors

Oracle E-Business Suite Security Risks Primer for Internal Auditors
Tuesday, September 14, 2010 1:00 PM - 2:00 PM EDT

Internal Auditors are trained to understand the financial aspects and the end user functionally of an ERP solution. However, most Internal Auditors have not been trained in the security features of an ERP system. This one hour auditing primer webinar will highlight the basic security that should be found within all implemented Oracle E-Business Suite (OEBS) systems.

Upcoming IOUG Webinar - A Journey Through Enterprise Database Security for DBAs

Integrigy's CTO, Stephen Kost, will be presenting an Independent Oracle User's Group (IOUG) educational webinar as part of IOUG's Database Security Technical Education Series.

A Journey Through Enterprise Database Security for DBAs
Stephen Kost, Integrigy
Wednesday, May 26, 1:00pm - 2:00pm CT

This presentation is intended for Database Administrators. It will detail the enterprise database security requirements, regulatory requirements and monitoring of databases.

Integrigy Oracle CPU Virtual Session Live from COLLABORATE 10

For those of you unable to attend the OAUG/IOUG COLLABORATE 10 User Conference in Las Vegas next week, the conference is offering a virtual experience of the conference.  There will be 41 sessions available via webinar live from Las Vegas.  Integrigy is pleased to announce that the following session is included in the roster of Plug-in to Vegas virtual sessions -

Integrigy at COLLABORATE 10

For those of you not familiar with COLLABORATE or have not previously attended, the Oracle Applications Users Group (OAUG), Independent Oracle Users Group (IOUG), and Quest have teamed together to host a user-driven event with exceptional content.  COLLABORATE 10 is Sunday, April 18, 2010 through Thursday, April 22, 2010 in Las Vegas.  This year there will be over 1,000 technical sessions covering virtually every Oracle product. 


Subscribe to RSS

Add us to your favorite news reader.

Follow on Twitter

Get the latest updates.