Which database is more secure? Oracle or Microsoft SQL Server?
I still come across Oracle enthusiasts who mistakenly believe that Oracle’s database suite is more secure than Microsoft’s SQL database suite – this is nonesense as I shall explain.
The point to this post is not to gloat – it’s simply to set the record straight. Microsoft SQL Server’s suite of products ARE more secure than Oracle’s database suite.
A single vulnerability in any mission critical product can cause serious problems for whomever relies upon it and ALL software is subject to both code and configuration vulnerabilites. If anyone tells you their software is 100% secure or impervious to vulnerability then they are delusional.
Secunia is a well respected security vulnerability tracking site. Take a look at Secunia’s statistics for the number of Oracle software security advisories compared to Microsoft SQL Server’s security advisories – the results are 94 compared to 23.
Of the 23 SQL Secunia advisories only one has been reported in the last four years and it was of low severity.
Digging a little further we can see that the 94 Oracle Security Advisories comprised of 200 actual vulnerabilities whereas Microsoft SQL’s vulnerability count was just 4 – both sets of vulnerability figures are for the last four years.
Note: searching Secunia for just “SQL” will bring back security advisories for a vast range of non-Microsoft SQL implementations including mySQL.
Comments
Anonymous
January 01, 2003
The comment has been removedAnonymous
January 01, 2003
PingBack from http://business.ezineaerticles.com/which-database-is-more-secure-oracle-or-microsoft-sql-server/Anonymous
January 01, 2003
Actually compare "oracle" to "Microsoft SQL Server" is not very faint. But even in case we narrowed the search the results are quite overwhelming.Anonymous
August 01, 2008
The comment has been removedAnonymous
August 11, 2008
Of course it's Oracle; it's unbreakable. Haven't you read their website ads? :-)Anonymous
September 02, 2008
The comment has been removed