Re: SQL Server for Oracle DBAs
Date: Tue, 27 May 2008 09:55:40 -0700
> Tony Rogerson wrote,on my timestamp of 27/05/2008 2:04 AM:
>> Now compare that to the SQL Server product record in the past 5 years >> - we've had 0 security vunerabilities; well - aside from a recent one >> that
> pardon the childish remark, but:
I'm amazed that he can say such things and not turn to stone.
Late in December 2007, something Roger Thompson of Grisoft characterized as “a pretty good mass hack” compromised tens of thousands of websites, including edu and gov domains, with an automated SQL injection. The hack exploited a Microsoft SQL Server vulnerability that was over a year old, one that was patched in early 2006 by the MS06-014 security update. Source: http://www.lexansystems.com/blog/tag/security-breach/
one of the more prominent tech news organizations, reported the company
RealNames informed customers that its customer information database had
been breached and the attackers had walked off with valuable nformation,
to include credit card numbers.
And there are thousands more where these came from.
-- Daniel A. Morgan Oracle Ace Director & Instructor University of Washington damorgan_at_x.washington.edu (replace x with u to respond) Puget Sound Oracle Users Group www.psoug.orgReceived on Tue May 27 2008 - 11:55:40 CDT