Barney's Blog

Blog archive

All I Want for Christmas Is a SQL Injection

The holidays were a bit strange this year. The economy was tough, malls were empty, and we in America awaited a new and very different presidential administration.

My own family here in North Central Massachusetts also had an odd time. Due to a massive ice storm and an inept power company, our electricity went out and I had no heat for 15 days. It didn't crank back up 'til the day after Christmas (though many, including the elderly and poor, had it far worse than I did, so no complaints here). My family huddled around a space heater on Christmas morning and were none the worse for wear.

But Christmas wasn't entirely without gifts. Wall Street had $700 billion to play with, our next president talked about an extra trillion dollars or so a year in federal spending (deficit, what deficit?) and hackers blessed the world with a new SQL injection attack.

Apparently, no systems were actually hit and no patch has been released. The news leaked out only because a security researcher let it out, leading experts to rightly criticize the disclosure.

Posted by Doug Barney on January 07, 2009 at 11:53 AM


Featured

  • The 2022 Microsoft Product Roadmap

    Microsoft has a lot in the docket for 2022, including new products like SQL Server 2022, Exchange Subscription Edition and Visual Studio 2022 for Mac.

  • 2022 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Microsoft Vows To Ease European Cloud Infrastructure Burden

    Microsoft announced new revamps to its Microsoft Cloud Solution Provider partner program to pacify European regulators.

  • Citrix HDX Option Coming to Windows 365 Subscribers

    Citrix's "high-definition user experience" (HDX) technologies will be available as an option for Windows 365 desktop-as-a-service users, according to a joint announcement by Microsoft and Citrix.