>I am just stating the reason I use Oracle. While it is just as vulnerable as SQL Server to SQL injection, all the mass SQL injection attacks seem to occur on SQL Server.For the same reason why most vulnerabilities you hear of are in Windows, not Apple. Not because Apple is any better or more secure, just a smaller target. If you are creating mischief (to be kind), you'd getter better rewards for your efforts if you target the bigger/most prevalent systems.