1. Home
  2. >>
  3. microsoft
  4. >>
  5. Microsoft UK, a video documents the defacement

Microsoft UK, a video documents the defacement



Microsoft UK, a video documents the defacement


Last week the Microsoft.co.uk website was attacked by an unknown cracker who replaced a page with a photo of a child waving the Saudi flag. A few days away from the cracker posted a video showing the technique used to compromise the security of BigM’s UK site.

The page containing the video, linked in this Zone-h-it article, is no longer available, but security experts claim that it has confirmed what has already emerged from the first investigations: the defacer would have penetrated the Microsoft.co.uk servers using an SQL injection attack which allowed him to insert HTML code into a remote database table.

“In the video, the attacker demonstrates how it is possible to obtain a username and password from the Microsoft.co.uk database”, explains Zone-h.it.

According to Netcraft, Microsoft’s UK site runs on Windows Server 2003 and Internet Information Server 6.