Two-thirds of Oracle DBAs don’t apply security patches, says SANS Newsbites. Sentrigo’s Hedgehog is a host-based database activity monitoring and protection software solution. Hedgehog’s unique virtual patching ability immediately protects databases against vulnerabilities that have been discovered, but not yet patched, as well as against zero-day exploits of certain types. In shops where patching is never done, the only event which could possibly convince a database administrator and his/her management to apply patches would be a severe incident.”]
Source: https://taosecurity.blogspot.com/2008/01/thoughts-on-oracle-non-patching.html