Hacker Defaces Microsoft U.K. Web Page
- By Keith Ward
- June 29, 2007
A hacker managed a rare feat Wednesday, successfully attacking a Web page within Microsoft's U.K. domain and replacing the page with several graphics related to Saudi Arabia.
The hacked page was a U.K. events page here. It has since been fixed. According to the security site Zone-h, a SQL injection attack is the likely culprit. Zone-h reported the hack methodology: "Most probably, the attacker exploited the site by means of SQL injection to insert the HTML code "" in a field belonging to the table which gets read every time a new page is generated." This would work on a page utilizing Microsoft's SQL Server.
The defaced page had three images: a child waving a green and white flag of Saudi Arabia, a woman with a green scarf over her face and a stand-alone image of the Saudi Arabian flag. Beneath the flag is a message that reads "HACKED BY rEmOtEr".
U.K. website The Register quoted a Microsoft spokesperson as saying that although the attack was embarrassing, it didn't appear to be serious. "There is no reason to believe customer data or any other sensitive information has been compromised."
Keith Ward is the editor in chief of Virtualization & Cloud Review. Follow him on Twitter @VirtReviewKeith.