Oracle has taken steps to make its next batch of security patches a little bit easier to understand.With the October Critical Patch Update, due out Tuesday, Oracle will begin rating vulnerabilities according to the Common Vulnerability Scoring System (CVSS), a setup backed by Cisco Systems and IBM that attempts to standardize the way security flaws are rated.Oracle will also provide executive summaries of its security vulnerabilities, and a list of the flaws that could be exploited by remote attackers even without a password on the Oracle server.“Customers are now asking for information in a better format. They want some sort of objective score so they can tell which is the most important thing,’ said Darius Wiles, senior manager of Oracle Security Alerts. To date, wading through Oracle’s security documentation has been a daunting task. The company’s last round of patches, released July 18, contained 65 security patches, and figuring out the severity of each of these bugs involved interpreting “risk matrix” data from three separate risk categories, all provided by Oracle.“The information has always been available in the risk matrix if you know how to interpret the data,” Wiles said. “You can figure it out, but customers said they wanted a much simpler system where they could just run down through the list of vulnerabilities and have a ‘yes’ or ‘no.’ “ The executive summaries will also make it easier for administrators to explain the severity of vulnerabilities to their supervisors, Wiles added.“Customers were looking for a short summary that they could pass up to management,” he said. “They wanted something that Oracle had provided so they could just cut and paste it and say, ‘These are the official Oracle words.’ “An Oracle blog posting on the changes can be found here.-Robert McMillan, IDG News Service (San Francisco Bureau)Related Links: Oracle Pays $98.5M to Settle PeopleSoft Charges Oracle Buys Data Integration Firm Sunopsis Oracle Releases 1st Portal Product Since AcquisitionCheck out our CIO News Alerts and Tech Informer pages for more updated news coverage. Related content BrandPost The future of trust—no more playing catch up Broadcom: 2023 Tech Trends That Transform IT By Eric Chien, Director of Security Response, Symantec Enterprise Division, Broadcom Mar 31, 2023 5 mins Security BrandPost TCS gives Blackhawk Network an edge with Microsoft Cloud In this case study, Blackhawk Network’s Cara Renfroe joins Tata Consultancy Services’ Rakesh Kumar and Microsoft’s Nilendu Pattanaik to explain how TCS transformed the gift card company’s customer engagement and global operati By Tata Consultancy Services Mar 31, 2023 1 min Financial Services Industry Cloud Computing IT Leadership BrandPost How TCS pioneered the ‘borderless workspace’ with Microsoft 365 Microsoft’s modern workplace solution proved a perfect fit for improving productivity and collaboration, while maintaining security of systems and data. By Tata Consultancy Services Mar 31, 2023 1 min Financial Services Industry Microsoft Cloud Computing BrandPost Supply chain decarbonization: The missing link to net zero By improving the quality of global supply chain data, enterprises can better measure their true carbon footprint and make progress toward a net-zero business ecosystem. By Tata Consultancy Services Mar 31, 2023 2 mins Retail Industry Supply Chain Green IT Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe