Users login

Create an account »


Users login

Home » Hacking News » Patching the patches

Patching the patches

by Nikola Strahija on November 11th, 2005 Oracle's patch fails to install some components, while the flaw in Symantec patch, involving the rendering of EMF files, could allow attackers to take over a system.

According to a NGSS email to the Bugtraq mailing list Oracle's patch fails to install some components on all operating systems. -Even if you have Oracle Text installed the patch installer will not install the updated PL/SQL packages. The fallout from this means that your servers may still be vulnerable to the Oracle Text flaws, the company said.

The flaw in question allows users with low privileges to gain administrator privileges, and in some cases can be exploited from the Internet without a user ID or password, NGSS said.
NGSS said its examinations since the CPU's appearance have also revealed ‘new vulnerabilities and problems with the patches for old vulnerabilities’. It didn't give details, but said the problems have been reported to Oracle.

Many users are having problems with a recent Symantec update. The problem is with definition files for Symantec Antivirus. The definition file includes a pattern for Bloodhound.Exploit.45, designed to detect files exploiting the vulnerability Microsoft patched earlier this week in update MS05-053.

That flaw, involving the rendering of EMF files, could allow attackers to take over a system, according to Microsoft. Unfortunately, the Symantec definition isn't very good at distinguishing between malicious EMF files and benign ones, according to SANS. -As it turns out, this pattern seems to be generating a lot of false positives in almost any EMF file, certainly those generated by Excel (and in turn this prevents Excel from functioning properly), said SANS in an advisory.

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »