"A hacker managed a rare feat Wednesday, successfully attacking a Web
page within Microsoft’s U.K. domain and replacing the page with several
graphics related to Saudi Arabia.
The hacked page was a U.K. events page here. It has since been fixed. According to the security site Zone-h, a SQL injection
attack is the likely culprit. Zone-h reported the hack methodology:
"Most probably, the attacker exploited the site by means of SQL
injection to insert the HTML code "" in a field belonging to the table
which gets read every time a new page is generated." This would work on
a page utilizing Microsoft’s SQL Server. "
Article Link: http://rcpmag.com/news/article.aspx?editorialsid=8762
