Microsoft gets more pro-active against SQL injection attacks
June 25, 2008[From BetaNews]
Turning up the volume on its vigilance against perhaps the easiest exploit in the world, Microsoft yesterday unveiled a new beta of an overdue security tool for IIS 7, bolstered by two new SQL injection vulnerability seeker tools.
Last April, the vulnerability spotlight was turned once again on Microsoft, as it found itself answering charges that it had enabled a "wave" of SQL injection attacks on Web servers running Internet Information Services, typically in conjunction with Microsoft SQL Server. It turned out not to be a wave after all, but Microsoft turned up the heat anyway, unveiling yesterday a new set of tools for combating SQL injection problems, including the latest beta of its ISAPI query filtering tool.