Survey finds that 66% of Oracle users never install critical patches

Oracle users must be really trusting...and lazy.

If security is a process , Oracle's users have checked out of the process completely. As CNET's Dawn Kawamoto reports , two-thirds of Oracle users report that they have never installed an Oracle Critical Patch Update (CPU). That's "never" as in "not ever."

The data comes from a survey of Oracle database administrators, consultants, and developers by Sentrigo. It's shocking.

Perhaps it's also a testament to the robust security of Oracle's products. Let's assume that the respondents to this survey are representative of Oracle users generally. With 66% of Oracle's databases essentially unprotected and yet rarely compromised, that says something about their quality.

Or maybe it just means that database hackers are lazy. :-)

More seriously, I wonder why enterprises don't deploy the patches. Are they difficult to implement? Are they not explained well such that database administrators don't know why they should use them?

I don't know, but it would be fascinating to find out. It would also be interesting to know what percentage of MySQL users regularly patch their systems.

Tech Culture
About the author

    Matt Asay is chief operating officer at Canonical, the company behind the Ubuntu Linux operating system. Prior to Canonical, Matt was general manager of the Americas division and vice president of business development at Alfresco, an open-source applications company. Matt brings a decade of in-the-trenches open-source business and legal experience to The Open Road, with an emphasis on emerging open-source business strategies and opportunities. He is a member of the CNET Blog Network and is not an employee of CNET. You can follow Matt on Twitter @mjasay.


    Discuss Survey finds that 66% of Oracle users never...

    Conversation powered by Livefyre

    Show Comments Hide Comments