Oracle is shifting to a monthly security patch release cycle for its enterprise resource planning, database, and other software products to counter the escalating threat of AI-driven cybersecurity vulnerabilities. This change is driven by the increasing speed at which AI-enabled tools can discover software flaws, such as those identified by CVE numbers, which can be exploited by malicious actors. By issuing patches more frequently, Oracle aims to reduce the window of opportunity for attackers to exploit newly discovered vulnerabilities. Notably, Oracle's monthly patch release schedule will not follow the traditional second Tuesday of each month approach used by other vendors like Microsoft and Adobe, instead opting for a fourth Thursday release schedule, starting with its first monthly Critical Security Patch Update on May 281. This move underscores the growing importance of timely patch management in mitigating cybersecurity risks, and practitioners should take heed of this accelerated patch cycle to ensure their Oracle systems remain up-to-date and secure.
Oracle will patch more often to counter AI cybersecurity threat
⚡ High Priority
Why This Matters
Oracle plans to issue security patches for its ERP, database, and other software on a monthly cycle, rather than quarterly, to respond to the increased pace of AI-enabled software.
References
- CSO Online. (2026, May 5). Oracle will patch more often to counter AI cybersecurity threat. *CSO Online*. https://www.csoonline.com/article/4167335/oracle-will-patch-more-often-to-counter-ai-cybersecurity-threat.html
Original Source
CSO Online
Read original →