"Oracle's reason for delaying its patch day is the OpenWorld 2009 Oracle conference taking place from 11th to 15th October, which generally attracts large numbers of administrators responsible for Oracle installations. Since this would force administrators to choose between not attending the conference and delaying installation of the updates, the vendor has decided to put its quarterly Critical Patch Update (CPU) back a week from 13th to 20th October." (DJ Walker-Morgan, H-Online)Oye! What the hell is going on over at Oracle? Since you're including a critical security patch in your CPU (critical patch update) let's wait an extra week so we don't make admins choose between coming to a conference (self-promotion, no doubt) and securing their systems?!
Does this look like just a stupid maneuver to anyone else? Bueller?
Will someone smack some sense into Oracle please? Not to be outdone in their stupidity, Adobe has also delayed their patch release by a month... (more on this at ComputerWorld)
4 comments:
News broke last week... and this surprises you from a company that insists on only providing quarterly patch bundles? Really? :)
What Oracle is saying is that there will be no one looking around during four days for people attacking this critical flaw. Guess the black hats weren't asking that much of a favour...
@ben: I didn't catch this last week... But it apalled even cynical me.
Post a Comment