January 14, 2008 3:02 PM PST

Survey finds that 66% of Oracle users never install critical patches

by Matt Asay
  • Font size
  • Print
  • Post a comment

If security is a process, Oracle's users have checked out of the process completely. As CNET's Dawn Kawamoto reports, two-thirds of Oracle users report that they have never installed an Oracle Critical Patch Update (CPU). That's "never" as in "not ever."

The data comes from a survey of Oracle database administrators, consultants, and developers by Sentrigo. It's shocking.

Perhaps it's also a testament to the robust security of Oracle's products. Let's assume that the respondents to this survey are representative of Oracle users generally. With 66% of Oracle's databases essentially unprotected and yet rarely compromised, that says something about their quality.

Or maybe it just means that database hackers are lazy. :-)

More seriously, I wonder why enterprises don't deploy the patches. Are they difficult to implement? Are they not explained well such that database administrators don't know why they should use them?

I don't know, but it would be fascinating to find out. It would also be interesting to know what percentage of MySQL users regularly patch their systems.

Matt Asay brings a decade of in-the-trenches open-source business and legal experience to The Open Road, with an emphasis on emerging open-source business strategies and opportunities. Matt is vice president of business development at Alfresco, a company that develops open-source software for content management. He is a member of the CNET Blog Network and is not an employee of CNET. Disclosure. You can follow Matt on Twitter @mjasay.
Topics:

Industry news,

Number crunching

Tags:

Oracle,

security

Share:
Digg
Del.icio.us
Reddit
Recent posts from The Open Road
Canonical shines its Ubuntu light on consumers
Open source became big business in 2009
Will we see an open-source IPO in 2010?
Could Apache keep Google's regulators at bay?
Red Hat's Q3 earnings defy gravity
Canonical's opportunity to simplify Ubuntu
Google--not necessarily 'more open than thou'
Is it Ballmer's fault?
Related
Oracle pledges to play well with MySQL
Adobe to patch zero-day Reader, Acrobat hole
NPR News for Android is a solid initial offering
Firefox, Adobe top buggiest-software list
Virtual currency exchange to launch in 2010
Using Facebook and Twitter safely
Firefox 3.5.6 patches critical security holes
Symantec confirms zero-day Acrobat, Reader attack
advertisement

15 sites that went kaput in 2009

Web sites launch all the time, but they also shut their doors. We highlight 15 that bit the dust this year.

Top 10 news stories of the decade

Let the debate begin: Was the iPhone more important than iTunes? Was anything bigger than Google finding a great business model? CNET offers its list of the 10 most important stories of the '00s.

About The Open Road

Matt Asay brings a decade of in-the-trenches open-source business and legal experience to the Open Road, with an emphasis on emerging open-source business strategies and opportunities. Matt is general manager of the Americas division and vice president of business development at Alfresco, a company that develops open-source software for content management. He is a member of the CNET Blog Network and is not an employee of CNET. Disclosure.

Add this feed to your online news reader

The Open Road topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET