Printed from www.pcpro.co.uk
Microsoft denies blame for half million hacks
Posted on 28 Apr 2008 at 11:41
Microsoft has denied any blame for a rash of web server attacks that have affected half a million web pages.
Speaking on The Microsoft Security blog, the company moved swiftly to refute suggestions that vulnerabilities in its SQL Server software were being exploited in the attacks.
"Microsoft's investigation has shown that there are no new or unknown vulnerabilities being exploited," says Bill Sisk, of the Microsoft Security Response Center.
"This wave is not a result of a vulnerability in Internet Information Services or Microsoft SQL Server. The attacks are facilitated by SQL injection exploits and are not issues related to IIS 6.0, ASP, ASP.Net or Microsoft SQL technologies."
Sisk goes on to point users in the direction of its advisory on how to avoid such attacks in the future.
The attacks have so far affected around half a million pages, causing them to spread malware when visited. So far, UN and Government sites have been hit by the attacks.
Author: Stuart Turton
advertisement
- Microsoft shows courage at Tech-Ed 09
- PowerPoint and Silverlight: a perfect match?
- Why all the fuss over Windows Explorer?
- Your iPhone has a virus? Well it's your fault
- Motorola pays Lucas for its Droid
- Where are the killer apps for Windows?
- Will you hit the Orange iPhone "unlimited" cap?
- USB 3 first benchmark - it's here, and it's fast
- Why Windows 7 has forced me to worry about security
- How Dixons is (under)selling Windows 7
- The bulletproof Dell that costs an arm and a leg
- Microsoft Office 2010 Technical Preview: Q&A
- Lawnmowers, the TyTN II and one odd insurance request
- There'll never be a bulletproof OS
- How far can we trust apps?
- Five nice touches in Outlook 2010
- Building a better Google
- Beware HP's horrendous printer-driver glitch
- Microsoft debuts free Morro antivirus package
- Getting started with Search Server 2008 Express
advertisement
