Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

Reverse engineering patches!

Thanks to Alex for emailing me a link to this great news story. The story is on SecurityFocus, is titled "Reverse engineering patches making disclosure a moot choice?" and is by Robert Lemos. The article talks about the latest trends in doing a binary comparison of a pre-patched binary and its post-patched cousin. The latest tools, such as BinDiff from SABRE Security, have been used by Halvar Flake to demonstrate how easy it was to reverse engineer the patch and pinpoint the Portable Network Graphics (PNG) vulnerability fixed in a recent Microsoft patch. The article also highlights the fact that the time taken to find an exploit after a patch is released has been dropping.

The article also quotes Mary Ann Davidson, the Chief Security Officer for Oracle, who says she will not be altering Oracle's patching mechanisms just yet, but she is aware of the techniques and issues being discussed here. This article is worth reading if you are interested in just how quickly you need to patch a database after the patches are released.