Oracle probably worried some DBAs earlier this week when it released its Critical Patch Update, but neglected to patch its most critical database flaw of the quarter for 9.2.0.8 users on the Windows platform. At the time, Oracle said this fix would come on April 30, but now it looks like Oracle has found a way to get the patch out.Oracle’s Eric Maurice made the announcement on Friday afternoon. So if you’re running Oracle Database Server 9.2.0.8 on Windows you can rest a bit easier… once you’ve finished testing. 🙂Turns out that security researcher David Litchfield first discussed this flaw in November 2005. After Oracle released its Critical Patch Update this week, he published this research note, discussing this and a few other flaws that were patched this month. He says he first reported the bug to Oracle in 2002.-Robert McMillan Related content opinion Direct Marketing Association on information security: Be safe By Robert McMillan Apr 08, 2011 3 mins Data and Information Security opinion As violence escalates, Libya cuts off the Internet By Robert McMillan Feb 18, 2011 2 mins Core Java opinion An FBI backdoor in OpenBSD? By Robert McMillan Dec 15, 2010 5 mins Data and Information Security opinion Congressional candidate says Democrats leaked his Social Security number By Robert McMillan Sep 28, 2010 1 min Data and Information Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe