Oracle to release quarterly Solaris updates

Oracle has announced that its Solaris suite of products will be moved onto the firm's quarterly Critical Patch Update cycle, allowing users of the Sun Microsystems products to know months in advance if their systems need patching.

The enterprise software giant, which finally completed the acquisition of Sun in January, revealed the news in a pre-release announcement for this quarter's patch update, scheduled for 13 April.

"Starting April 2010, the Critical Patch Update includes security vulnerabilities in Sun Solaris," the statement read.

"This Critical Patch Update contains 47 new security vulnerability fixes across hundreds of Oracle products. 16 out of 47 vulnerabilities are in Sun Solaris."

Eight of the 16 security fixes scheduled for Solaris are for vulnerabilities which may be "remotely exploited without authentication", or in other words without the need for a network user name and password, said Oracle.

The affected Oracle Solaris Suite products include Solaris, Sun Cluster and Sun Convergence.

The news will be welcomed by security administrators, who will now be able to manage the patching of Solaris products with more predictability.

Sun released security updates for the products on an ad-hoc basis prior to its acquisition by Oracle.