Bogus Oracle Patches Flung by Malicious Websites

Bogus Oracle Patches Flung by Malicious Websites: Anyone experiencing error messages from Oracle database software should proceed to download a fix, but only from official locations, engineers with the company warned.

It appears that they have received information that different websites claim to provide patches for real problems with the software, but deliver malware instead.

There are no details about the online locations flinging the malicious updates to the users, or the type of damage they could cause to the database.

“It has come to our attention that there are non-Oracle sites offering Oracle ‘fixes’ for genuine Oracle error messages,” said Antonella Giovannetti, Oracle integration support engineer, in a warning posted at the beginning of the week.

Users are informed that other repositories except Oracle’s are not authorized to distribute patches for the company software and that they are more than likely to present a risk to the system.