Comment Re:epic lol (Score 5, Informative) 332
Wow. The responses on the forum http://forums.iis.net/t/1148917.aspx?PageIndex=1 are sad indeed.
Windows Security patches DON'T protect against shittily built websites.
My favorite:
I also have been hit by this attack on Saturday 4/12/08. It compromised our database and overwritten that script into all of your products. Luckily a database restore fixed the problem. Two days later the same thing happened, I have changed all the database and login passwords and did another db restore. Now today 4/18/08 we got hit again by the same thing but this time as the pages are loaded ActivX is activated and wants to run but of course I did not allow it. Anybody has successfully solved this situation?
It truely sickens me how many web developers STILL don't know about SQL Injection.