Oracle has started to issue pre-release announcements ahead of its quarterly patch updates.
The warnings provide IT staff with information about the applications that the enterprise software vendor plans to patch.
It also lists the number of security fixes that will be distributed, and the Common Vulnerability Scoring System code for the most severe fix in each major product category.
Pre-release information for Oracle's 16 January patch is currently posted on the vendor's website. The database and enterprise software vendor plans to issue 52 security updates.
Microsoft pioneered the practice of sending out pre-release warnings to allow IT support staff to prepare for upcoming patch releases.
Oracle's decision comes nearly two months after security researchers at NGS Software compared the security record for the firm's database to that of Microsoft's SQL Server and found that Oracle was trailing far behind Microsoft.
Researcher David Litchfield warned at the time that Oracle's security practices have failed to keep up with the evolution in security threats.
The NGS report was not the first to poke holes in Oracle's security record. The firm has made several changes to it security practices in recent years, and has adopted a regular patch release cycle to help IT staff plan and prepare for new updates.
Oracle to issue pre-release patch info
By Tom Sanders on Jan 15, 2007 3:08PM