Microsoft Report on SQL Injection Attacks on IIS Web Servers


On April 17, hundreds of thousands of domains in the USA and the UK, including some .gov domains, were infected through SQL injection and IFrame injection attacks. Many of these websites are serving malicious web pages using JavaScript and IFrames. These pages try eight different ways to hijack the end user's computer and install malicious software on it. The SQL injection and IFrame attacks mainly end up redirecting users to malicious web pages.


Most security companies blamed vulnerabilities in Microsoft Internet Information Services and Microsoft Internet Explorer for the attacks. Some concluded that the problem was related to an advisory regarding a bug in multiple Windows versions that could be exploited through Internet Information Services (IIS) and SQL Server.

Despite reports to the contrary, the software giant has investigated the problems and concluded that the two are not related. Bill Staples explained the company’s findings on his IIS blog:

Microsoft has investigated these reports and determined that the attacks are not related to the recent Microsoft Security Advisory (951306) or any known security issues related to IIS 6.0, ASP, ASP.Net or Microsoft SQL technologies. Instead, attackers have crafted an automated attack that can take advantage of SQL injection vulnerabilities in web pages that do not follow security best practices for web application development. While these particular attacks are targeting sites hosted on IIS web servers, SQL injection vulnerabilities may exist on sites hosted on any platform.
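The root cause named in the statement above, shown as an added example that is not from Microsoft or the original post: the same lookup written with string concatenation and with a bound parameter. Python's sqlite3 stands in for the web application and SQL Server, and the table, function names and inputs are constructed for illustration.

```python
import sqlite3

def make_db():
    """Constructed sample data: one unpublished row that must never be returned."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT, published INTEGER)")
    db.executemany(
        "INSERT INTO articles (id, title, published) VALUES (?, ?, ?)",
        [(1, "Welcome", 1), (2, "Unreleased pricing", 0), (3, "Editor's note", 1)],
    )
    return db

def find_concatenated(db, title):
    # Weak pattern: the request value becomes part of the SQL text, so any
    # quote character in it is parsed as SQL syntax rather than as data.
    sql = ("SELECT title FROM articles WHERE published = 1 AND title = '"
           + title + "' ORDER BY id")
    return [row[0] for row in db.execute(sql)]

def find_parameterized(db, title):
    # Hardened pattern: the SQL text is constant; the value is bound separately
    # and can only ever be compared as a string.
    sql = "SELECT title FROM articles WHERE published = 1 AND title = ? ORDER BY id"
    return [row[0] for row in db.execute(sql, (title,))]

def compare(title):
    """Run both lookups on the same input and report what each returned."""
    db = make_db()
    try:
        weak = find_concatenated(db, title)
    except sqlite3.Error as exc:
        # A database error caused by a single quote in input is itself a
        # sign that the page builds SQL by concatenation.
        weak = "error: " + type(exc).__name__
    return weak, find_parameterized(db, title)

if __name__ == "__main__":
    # Constructed inputs: a normal title, a legitimate title containing an
    # apostrophe, and a value that rewrites the WHERE clause when concatenated.
    for value in ["Welcome", "Editor's note", "x' OR '1'='1"]:
        print(repr(value), "->", compare(value))
```

The second input is the useful one for reviewers: a legitimate apostrophe breaks the concatenated query but not the parameterized one, so quote-triggered database errors in application logs point at pages that need fixing.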

Microsoft says that end users must update their Windows Internet Explorer and disable JavaScript.

Source: SQL Injection Attacks on IIS Web Servers and Ars Technica
