Re: SQL Server for Oracle DBAs

From: DA Morgan <>
Date: Tue, 27 May 2008 09:55:40 -0700
Message-ID: <>

Noons wrote:
> Tony Rogerson wrote,on my timestamp of 27/05/2008 2:04 AM:

>> Now compare that to the SQL Server product record in the past 5 years 
>> - we've had 0 security vunerabilities; well - aside from a recent one 
>> that 

> pardon the childish remark, but:
I'm amazed that he can say such things and not turn to stone.

Late in December 2007, something Roger Thompson of Grisoft characterized as “a pretty good mass hack” compromised tens of thousands of websites, including edu and gov domains, with an automated SQL injection. The hack exploited a Microsoft SQL Server vulnerability that was over a year old, one that was patched in early 2006 by the MS06-014 security update. Source:

one of the more prominent tech news organizations, reported the company RealNames informed customers that its customer information database had been breached and the attackers had walked off with valuable nformation, to include credit card numbers.

And there are thousands more where these came from.

Daniel A. Morgan
Oracle Ace Director & Instructor
University of Washington (replace x with u to respond)
Puget Sound Oracle Users Group
Received on Tue May 27 2008 - 11:55:40 CDT

Original text of this message