"A hacker managed a rare feat Wednesday, successfully attacking a Web page within Microsoft's U.K. domain and replacing the page with several graphics related to Saudi Arabia.
The hacked page was a U.K. events page here. It has since been fixed. According to the security site Zone-h, a SQL injection attack is the likely culprit. Zone-h reported the hack methodology: "Most probably, the attacker exploited the site by means of SQL injection to insert the HTML code "" in a field belonging to the table which gets read every time a new page is generated." This would work on a page utilizing Microsoft's SQL Server. "
Article Link: http://rcpmag.com/news/article.aspx?editorialsid=8762