Home > Blogs > Watch your code!

Watch your code!

By  May 21, 2008

Topics: Data

Recently SQL Server and its made the news-and not in a good way.

 

The headlines screamed - SQL Server and IIS are hacked! In fact, this was a standard SQL Injection attack - which has nothing specifically to do with IIS  or SQL Server. A SQL Injection attack is a result of not validating user-input, and it works against any DB and application that isn’t written properly.

In point of fact, SQL Server 2005 has No major security bulletins at all. Hey, bash any company all you want, but make sure you get your facts straight. Don’t take what any journalist says without checking-including me! More here on SQL Injection.

Become an InformIT Member

Take advantage of special member promotions, everyday discounts, quick access to saved content, and more! Join Today.