BOAC the simple difference between this "security breach" and the microsoft ones is that the linux/unix ones are usually found by pro security firms. And its is very rare they are in the core kernal. They also tend to be package specific as in this case. Its not actually the linux kernal that has the security hole its a third party add on for oracle clients.