Carpe Datum : SQL Injection Attacks

SQL Injection Attacks

You might have read recently that there have been ongoing SQL injection attacks against vulnerable web applications occurring over the last few months. These attacks have received recurring attention in the press as they pop up in various geographies around the world. These attacks do not leverage any SQL Server vulnerabilities or any un-patched vulnerabilities in any Microsoft product – the attack vector is vulnerable custom applications. In fact, SQL Injection is a coding issue that can attack any database system, so it's a good idea to learn how to defend against them.

In order to help you respond to and defend yourself from these attacks, Microsoft has an authoritative blog including talking points and guidance. You can find this at http://blogs.technet.com/swi/archive/2008/05/29/sql-injection-attack.aspx.

Published Friday, May 30, 2008 3:12 PM by Buck Woody

Filed under: Tutorials, Walkthroughs, Web, DBA, Management, Scripts, Security, SQL Server, Administration, Maintenance, Questions, Tips

Comments

Friday, May 30, 2008 8:07 PM by Steve Kass » Read this if you serve up web pages from SQL data

# Steve Kass » Read this if you serve up web pages from SQL data

PingBack from http://stevekass.com/2008/05/31/read-this-if-you-serve-up-web-pages-from-sql-data/

Friday, May 30, 2008 11:49 PM by Aaron Bertrand

# More on the recent rash of SQL injection attacks

Fellow MVP Steve Kass and Microsoft's Buck Woody have some links and advice about preventing SQL injection

Saturday, May 31, 2008 5:02 AM by Tony Rogerson's ramblings on SQL Server

# SQL Injection Attacks - No excuse for slopping programming

I cannot emphasise enought the importance of understanding the absolute basic security principles when

Saturday, May 31, 2008 5:22 PM by SQL Server Security, Performance & Tuning (SSQA.net)

# SQL Injection attacks - don't forget to visit guidance information from Microsoft

One of the biggest threats in IT industry & Database world is unprecedented attacks aka most commonly

Saturday, May 31, 2008 5:24 PM by SQL Server Knowledge Sharing Network (SqlServer-qa.net)

# SQL Injection attacks - don't forget to visit guidance information from Microsoft

One of the biggest threats in IT industry & Database world is unprecedented attacks aka most commonly

Anonymous comments are disabled

Carpe Datum

This Blog

Syndication

Search

News

Tags

Recent Posts

Archives

SQL Injection Attacks

Comments

# Steve Kass » Read this if you serve up web pages from SQL data

# More on the recent rash of SQL injection attacks

# SQL Injection Attacks - No excuse for slopping programming

# SQL Injection attacks - don't forget to visit guidance information from Microsoft

# SQL Injection attacks - don't forget to visit guidance information from Microsoft

Carpe Datum

This Blog

Syndication

Search

News

Tags

Recent Posts

Archives

SQL Injection Attacks

Comments

# Steve Kass &raquo; Read this if you serve up web pages from SQL data

# More on the recent rash of SQL injection attacks

# SQL Injection Attacks - No excuse for slopping programming

# SQL Injection attacks - don't forget to visit guidance information from Microsoft

# SQL Injection attacks - don't forget to visit guidance information from Microsoft

# Steve Kass » Read this if you serve up web pages from SQL data