{"id":16174,"date":"2026-05-05T16:43:06","date_gmt":"2026-05-05T16:43:06","guid":{"rendered":"https:\/\/newestek.com\/?p=16174"},"modified":"2026-05-05T16:43:06","modified_gmt":"2026-05-05T16:43:06","slug":"oracle-will-patch-more-often-to-counter-ai-cybersecurity-threat","status":"publish","type":"post","link":"https:\/\/newestek.com\/?p=16174","title":{"rendered":"Oracle will patch more often to counter AI cybersecurity threat"},"content":{"rendered":"<div>\n<div id=\"remove_no_follow\">\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<section class=\"wp-block-bigbite-multi-title\">\n<div class=\"container\"><\/div>\n<\/section>\n<p>Oracle plans to issue security patches for its ERP, database, and other software on a monthly cycle, rather than quarterly, to respond to the increased pace of AI-enabled software vulnerability discovery.<\/p>\n<p>Other software vendors, notably Microsoft, SAP, and Adobe, already release patches on a monthly beat, always on the <a href=\"https:\/\/www.csoonline.com\/article\/4111566\/patch-tuesday-2025-roundup-the-biggest-microsoft-vulnerabilities-of-the-year.html\">second Tuesday of each month<\/a>.<\/p>\n<p>Oracle, though, is taking an off-beat approach: It will release the first of its monthly Critical Security Patch Updates (CSPUs) on May 28, the fourth Thursday, and after that, it will release its patches on the third Tuesday of each month \u2014 a week after the other vendors \u2014 with the next batches arriving on June 16, July 21, and August 18, it <a href=\"https:\/\/blogs.oracle.com\/security\/update-monthly-critical-security-patch-updates-cspus-begin-may-28-2026\" target=\"_blank\" rel=\"noreferrer noopener\">said earlier this week<\/a>.<\/p>\n<p>The new CSPUs \u201cprovide targeted fixes for critical vulnerabilities in a smaller, more focused format, allowing customers to address high-priority issues without waiting for the next quarterly release,\u201d Oracle said.<\/p>\n<p>It will issue a cumulative Critical Patch Update each quarter, so on the same schedule as before. The first one this year <a href=\"https:\/\/www.csoonline.com\/article\/4120197\/oracle-releases-337-security-patches-including-fix-for-critical-apache-tika-flaw.html\">came in January<\/a>.<\/p>\n<p>Oracle initially announced the <a href=\"https:\/\/blogs.oracle.com\/security\/accelerating-vulnerability-detection-and-response-at-oracle\" target=\"_blank\" rel=\"noreferrer noopener\">switch to a monthly patching schedule<\/a> last week, but did not provide the dates.<\/p>\n<p>The new patching rhythm will primarily interest customers running Oracle applications on premises or in their own or third-party hosting environments. For customers using the software in an Oracle-managed cloud, Oracle applies the patches automatically automatically.<\/p>\n<p>Oracle is using artificial intelligence to identify and fix the vulnerabilities faster than before. It said it has access to OpenAI\u2019s latest models through that company\u2019s <a href=\"https:\/\/www.infoworld.com\/article\/4141328\/an-llm-that-will-help-you-construct-a-nuclear-device.html#:~:text=Trusted%20Access%20for%20Cyber\">Trusted Access for Cyber<\/a> program, and to Anthropic\u2019s Claude Mythos Preview.<\/p>\n<p>Mythos has contributed greatly to concerns that <a href=\"https:\/\/www.pcworld.com\/article\/3109427\/anthropics-new-ai-found-thousands-of-zero-day-flaws-on-its-own.html\">AI will uncover thousands of zero-day flaws in software<\/a>, but as of mid-April, <a href=\"https:\/\/www.csoonline.com\/article\/4159617\/behind-the-mythos-hype-glasswing-has-just-one-confirmed-cve.html\">only one vulnerability report<\/a> had been tied directly to it.<\/p>\n<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Oracle plans to issue security patches for its ERP, database, and other software on a monthly cycle, rather than quarterly, to respond to the increased pace of AI-enabled software vulnerability discovery. Other software vendors, notably Microsoft, SAP, and Adobe, already release patches on a monthly beat, always on the second Tuesday of each month. Oracle, though, is taking an off-beat approach: It will release the&#8230; <\/p>\n<p class=\"more\"><a class=\"more-link\" href=\"https:\/\/newestek.com\/?p=16174\">Read More<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-16174","post","type-post","status-publish","format-standard","hentry","category-uncategorized","is-cat-link-borders-light is-cat-link-rounded"],"_links":{"self":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/16174","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=16174"}],"version-history":[{"count":0,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/16174\/revisions"}],"wp:attachment":[{"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=16174"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=16174"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=16174"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}