Monday, October 19, 2015

Running a MySQL instance? Get ready to patch!

Just a public service announcement. Oracle released an announcement that patches will be released tomorrow for a number of products. No surprise, Java is among the vulnerable apps (shocked face). But the most interesting product on the list, in my opinion, is the MySQL remotely exploitable vulnerability. Oracle said in its announcement that it has a CVSS score of 9.0. It's been a while since we've had anything even close to that in MySQL.

Of all the apps being updated, I think MySQL is probably the most important to most small and medium enterprises. Sure, Java is important, but if you don't have a patching plan for Java, you're already owned (sorry, hard truth here). Some of the other enterprise apps on the list are pretty esoteric and/or not remotely exploitable without authentication. But a lot of businesses I work with at Rendition Infosec have MySQL instances exposed to the Internet and don't really have good patching plans surrounding them. Businesses should take a moment today to evaluate their exposure and prepare to apply patches tomorrow as soon as possible. We should expect one-day exploits reverse engineered from the patches to become available very quickly.
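As an added example (not part of the original post, and not Oracle's or MySQL's own tooling), here is a small POSIX shell triage script for the "evaluate your exposure" step: it reads the `[mysqld]` bind-address from a my.cnf-style file, pulls the version out of a `mysqld --version` line, and ranks the host for patching. The config file and version line are constructed samples, and `MIN_PATCHED_VERSION` is a placeholder, since the post does not state which version Oracle ships the fix in.

```shell
#!/bin/sh
# Added example: MySQL exposure/patch triage. Assumes my.cnf syntax and the
# output format of `mysqld --version`; the fixed version is a placeholder.

# Constructed sample standing in for /etc/mysql/my.cnf
SAMPLE_CNF="$(mktemp)"
cat > "$SAMPLE_CNF" <<'EOF'
[mysqld]
port = 3306
bind-address = 0.0.0.0
skip-networking = 0
EOF

# Constructed sample of a `mysqld --version` line
SAMPLE_VERSION_LINE='mysqld  Ver 5.6.26 for Linux on x86_64 (MySQL Community Server (GPL))'

# Placeholder: replace with the version Oracle ships in the Critical Patch Update.
MIN_PATCHED_VERSION='9.9.9'

# Print "local" if the server only listens locally (or networking is disabled),
# "exposed" otherwise. A missing bind-address means "all interfaces" on MySQL 5.x.
mysql_bind_exposure() {
    cnf="$1"
    if grep -Eq '^[[:space:]]*skip-networking([[:space:]]*=[[:space:]]*(1|ON))?[[:space:]]*$' "$cnf"; then
        echo "local"
        return 0
    fi
    addr=$(sed -n 's/^[[:space:]]*bind-address[[:space:]]*=[[:space:]]*//p' "$cnf" | tail -n 1)
    case "$addr" in
        127.0.0.1|::1|localhost) echo "local" ;;
        *) echo "exposed" ;;
    esac
}

# Extract the dotted version number (e.g. 5.6.26) from a `mysqld --version` line.
mysql_version_from_line() {
    printf '%s\n' "$1" | sed -n 's/.*Ver \([0-9][0-9.]*\).*/\1/p'
}

# Return 0 if version $1 is numerically lower than version $2, 1 otherwise.
version_lt() {
    [ "$1" != "$2" ] &&
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -t. -k1,1n -k2,2n -k3,3n | head -n 1)" = "$1" ]
}

# Combine both checks: Internet-facing and unpatched gets the top priority.
mysql_triage() {
    cnf="$1"; verline="$2"; fixed="$3"
    exposure=$(mysql_bind_exposure "$cnf")
    ver=$(mysql_version_from_line "$verline")
    if [ "$exposure" = "exposed" ] && version_lt "$ver" "$fixed"; then
        echo "PATCH-NOW"
    elif version_lt "$ver" "$fixed"; then
        echo "PATCH-SOON"
    else
        echo "OK"
    fi
}

# Stand-alone run against the constructed samples.
printf 'exposure=%s version=%s verdict=%s\n' \
    "$(mysql_bind_exposure "$SAMPLE_CNF")" \
    "$(mysql_version_from_line "$SAMPLE_VERSION_LINE")" \
    "$(mysql_triage "$SAMPLE_CNF" "$SAMPLE_VERSION_LINE" "$MIN_PATCHED_VERSION")"
```

On a real host, point `mysql_triage` at the live config and at `"$(mysqld --version)"`; the bind-address check is a config-level view only, so confirm it against what is actually listening (`ss -ltnp` or equivalent) and against the perimeter firewall before deciding a server is "local".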
