QuoteThe update is part of the Redwood City, Calif., company's quarterly patch cycle. Oracle preannounced its patch release Thursday, when, for the first time, it published an advance notification so customers could plan ahead to apply the fixes. Oracle's actual Tuesday "Critical Patch Update" has one fix less than the company originally announced. Instead of the planned 27 fixes for its database products, 26 vulnerabilities are addressed in the company's flagship software.
QuoteMicrosoft worked with the Department of Homeland Security on the alert, a company representative said. "Microsoft...encourages customers to deploy this update on their systems as soon as possible, given that we are aware of targeted exploitation of the vulnerability," the representative said. Microsoft deems the vulnerability critical for all versions of Windows. However, users of Windows XP with Service Pack 2 and Windows Server 2003 with Service Pack 1 should be protected by the Windows Firewall if they do not use file sharing and printer sharing, Christopher Budd, a security program manager at Microsoft, said in an interview Tuesday.