Enterprise Strategy Group just released a research paper comparing the security of Microsoft SQL Server with Oracle and MySQL:
Abstract: The rate of security vulnerabilities documented in the National Vulnerability Database for the major database vendors is noteworthy for the stark contrast between Microsoft, MySQL and Oracle. ESG believes that Microsoft’s investments in secure development processes are responsible for the impressive
results in SQL Server quality. ESG considers Microsoft, with proper execution, to be years ahead of Oracle and MySQL in producing secure and reliable database products.
This paper has been published at Microsoft web site (here).