1.1 Ensure the Appropriate Version/Patches for Oracle Software Is Installed

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The Oracle installation version and patches should be the most recent that are compatible with the organization's operational needs.

Rationale:

Using the most recent Oracle database software, along with all applicable patches can help limit the possibilities for vulnerabilities in the software, the installation version and/or patches applied during setup should be established according to the needs of the organization. Ensure you are using a release that is covered by a level of support that includes the generation of Critical Patch Updates.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Perform the following step for remediation:
Download and apply the latest quarterly Critical Patch Update patches.

References:

http://www.oracle.com/us/support/assurance/fixing-policies/index.html

http://www.oracle.com/technetwork/topics/security/alerts-086861.html

http://www.oracle.com/us/support/library/lifetime-support-technology-069183.pdf

See Also

https://workbench.cisecurity.org/files/2868