WHID 2007-30: Microsoft UK site defaced

Yet another defacement, but with a very high profile target, and a detailed description of the attack which took advantage of an SQL injection vulnerability. The report even includes a video recording of the attack.

Additional information:

• Microsoft.co.uk Succumbs to SQL Injection Attack [PC world, Jun 29 2007]
• Microsoft Defaced, again! [Zone-H, Jun 27 2007]
• Video Recording of the Attack [Hacker, Jun 27 2007]