Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
denis_the_thief
Aged Yak Warrior
596 Posts |
 Posted - 2009-11-24 : 11:15:34
|
| Oracle:[url]http://en.securitylab.ru/nvd/page1_47.php?arrFilter_ff%5BSECTION_ID%5D=&arrFilter_ff%5BSEARCHABLE_CONTENT%5D=%22Oracle%22&set_filter=Y[/url]SQL Server:[url]http://en.securitylab.ru/nvd/page1_47.php?arrFilter_ff%5BSECTION_ID%5D=&arrFilter_ff%5BSEARCHABLE_CONTENT%5D=%22sql%20server%22&set_filter=Y[/url]There are way less CVEs (Common Vulnerbilities and Exposures) for 2009 in SQL Server as compared to Oracle. From this, can I conclude that SQL Server has become the more secure Database? |
|
|
robvolk
Most Valuable Yak
15732 Posts |
Posted - 2009-11-24 : 15:43:22
|
| Perhaps, but many of the items listed in those links are not specific to Oracle DBMS or SQL Server products. |
 |
|
|
behrman
Yak Posting Veteran
76 Posts |
Posted - 2009-11-28 : 22:49:01
|
| Oracle database consistently has more security vulnerabilities than Microsoft SQL Server. In fact, Microsoft SQL Server has very low vulnerability from 2003 – 2009 as a direct result of our implementation of Trustworthy Computing Initiative (http://www.microsoft.com/mscorp/twc/default.mspx), which was started in 2002 by Microsoft Chairman, Bill Gates (http://www.microsoft.com/mscorp/execmail/2002/07-18twc.mspx). It is advised that real-world customers include security patching as part of the true cost of operating Oracle 11g and Microsoft SQL Server 2008."Note that the source of this data is not Microsoft, but NIST, the National Institute of Standards, which plays a leading role in evaluating technology security issues for the U.S. Federal Government.RAQ Report: Web-based Excel-like Java reporting tool |
|
|
|
|
|
|
SQL Server vs. Oracle security