Microsoft has updated protection against SQL-“injections”
Microsoft has updated protection against SQL-“injections”
28th August 2008
The company Microsoft has released an updated version of the protective filter for its web server IIS (Internet Information Service) called UrlScan 3.0.
The new version of the filter helps to protect IIS against attacks of the type “SQL injection” by means of verification of HTTP-queries to the server and blocking potentially dangerous codes. Attack of the “SQL injection” type is a direct attack on the SQL Server DBMS by inserting a potentially malicious SQL-query in a line of enquiry to a HTTP-server.
The most vulnerable web-applications are those based on the technology ASP ASP.NET. If previous versions of the addon UrlScan, including version 2.5, blocked requests on such parameters as the length of URL, the new version can fully analyze the content of HTTP-requests, identifying the presence of SQL-codes or other potentially dangerous for SQL Server code parts.
It should be remembered that the addon UrlScan is not a panacea from all possible attacks on web servers IIS. Nevertheless, Microsoft plans to include UrlScan functions into the next version of its web server IIS 7.0.
RapidWeaver 4.1: toolset for creating web-sites
Imprint Studio 1.0: making posters in ordinary printer Featured downloads
Download Free trial
Interact
Now downloading
Ocean Island 3D Screensaver
Transfer yourself to this beautiful island, enjoy and relax. Throw down the weight of cares and plun...
Transfer yourself to this beautiful island, enjoy and relax. Throw down the weight of cares and plun...
Blog categories
CloneDVD (50)
Real (84)
GameJackal (47)
nVidia (170)
Nero 8 (10)News blog