#oracle

Oracle plans to issue security patches for its ERP, database, and other software on a monthly cycle, rather than quarterly, to respond to the increased pace of AI-enabled software vulnerability discovery. Other software vendors, notably Microsoft, SAP, and Adobe, already release patches on a monthly beat, always on the second Tuesday of each month. Oracle, though, is taking an off-beat approach: It will release the first of its monthly Critical Security Patch Updates (CSPUs) on May 28, the fourth Thursday, and after that, it will release its patches on the third Tuesday of each month — a week after the other vendors — with the next batches arriving on June 16, July 21, and August 18, it said earlier this week. The new CSPUs “provide targeted fixes for critical vulnerabilities in a smaller, more focused format, allowing customers to address high-priority issues without waiting for the next quarterly release,” Oracle said. It will issue a cumulative Critical Patch Update each quarter, so

The Pentagon says it has reached agreements with eight AI companies to use their technology in classified defence settings. The military will have access to resources provided by Google, Microsoft, Amazon, Nvidia, Oracle, OpenAI, SpaceX, and the startup Reflection. Absent from the list is Anthropic, following its public dispute and legal battle with the Trump administration over AI ethics. Peter O’Brien looks at how these developments came about.