Must Read: Galaxy Note 8.0 tablet: Beating the iPad mini (review)

Topic: Oracle

Oracle releases emergency patch

Summary: Oracle has released a patch for a server flaw that can be exploited over a network without the use of a username or password.

Tom Espiner

By |

Oracle has released a patch for a server flaw that can be exploited over a network without the use of a username or password.

The patch addresses a vulnerability in the Node Manager component of Oracle WebLogic Server, and affects the latest versions of the software, Oracle said in an advisory on Thursday.

It is highly unusual for Oracle to release an out-of-band patch for a critical flaw, as the company usually prefers to release critical patch updates every three months.

On Windows versions of WebLogic Server 9.0 and later, the flaw has a maximum Common Vulnerability Scoring System (CVSS) score of 10, according to the Oracle advisory. Linux and Unix versions were given a lower CVSS score due to the lower impact of the vulnerability on those systems.

For more on this story, read Oracle releases out-of-band patch for server hole on ZDNet UK.

Topics: Oracle, Hardware, Security, Servers

About

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Google+ Contact

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment
Log in or register to join the discussion

  • EmErGeNcY!

    You're spending too much money...
    jessiethe3rd
    Reply Vote
CNET Join | Log In | Privacy | Cookies Close