Roger's Security Blog

As Chief Security Advisor of Microsoft EMEA - lets share interesting security information

Oracle DBAs rarely install Patches

Oracle DBAs rarely install Patches

  • Comments 1
  • Likes

Wow, this is scary: A company called Sentrigo just published a study about how DBAs patch Oracle databases. Even though you could challenge their findings (they asked only 305 people) and therefore only shows half the truth, it is really scary (I quote):

  • When asked: "Have you installed the latest Oracle CPU?" – Just 31 people, or ten percent of the 305 respondents, reported that they applied the most recently issued Oracle CPU.
  • When asked: "Have you ever installed an Oracle CPU?" – 206 out of 305 OUG attendees surveyed, or 67.5 percent of the respondents said they had never applied any Oracle CPU.

Where does this come from? I am no Oracle specialist (I just to work on this DB decades ago) this is worrying me from two perspectives: It is a significant risk to the industry and I am worrying whether this is the same with SQL Server (even though our figures show a different picture). Is this because people are afraid of the downtime because of the reboots? Are they afraid that their application could break? Is it ignorance? Is it lack of tools? A really interesting question.

Roger

Comments
  • You probably remember my post regarding Oracle DBAs rarely install patches . It was about a study where

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment