During the last 3 months I got more times than expected in discussions about patch and vulnerability management. I need to say, there is much misunderstanding going around about these two processes; so much that I could argue that several organizations are exposing themselves significantly, just because the touch points and (lack of) dependencies in these two processes are not clear.
I love challenges, and working with Oracle products has always been a challenge for me. This love/hate relationship started ~20 years ago when I could not set up the first version of Oracle Internet Directory, following the documentation word by word! I had to "fix" several scripts to make it install, and in the end, even though it installed, it still wouldn't work... It was the only product I cared enough to remember that failure after so many years. Or maybe, the only product I failed to tame.
Some months ago I bought a desktop system. I hadn't had one for years, but a very strange and unexpected need came up; I wanted to play games with my son who lives in Greece, in an attempt to spend a bit more time with him, even virtually. I bought and built a desktop system based on AMD's excellent Ryzen line, but that's for another time. On that computer, and as it would be used predominantly for games, I installed MS Windows. That is another thing that hadn't happened in my household for decades!
As you may have heard, Let's Encrypt revoked several certificates today that were issued through a faulty process. Read on for the details, and on how to identify the revoked certificates themselves.