[mdlug] [Fwd: Microsoft Responds To The SQL Injection Problem]
Aaron Kulkis
akulkis03 at gmail.com
Thu Jun 26 10:51:13 EDT 2008
Only 10 years too late...
It looks like massive immigration to the LAMP (Linux , Apache,
MySQL, Perl/PHP/Python) stack has finally inspired MS to give
a **** about yet another gaping security hole which they (and
everyone else) has know about for over a decade.
By Larry Seltzer
2008-06-25
Windows ecosystem gets bit by a problem that traces its way back
to the days before Microsoft thought much about security.
Last September, Errata Security CEO Robert Graham told us in an
interview that SQL Injection was a great risk for Web sites based
on many open-source tools and on older, pre-.Net Microsoft
technologies. Boy, was that ever a prescient interview.
....
http://www.eweek.com/c/a/Security/Microsoft-Responds-To-The-SQL-Injection-Problem/?kc=EWKNLSTE062608FEA1
Of course... the Beauty of Linux is, being based on Unix, which
was a multi-user system from the beginning, security was a
primary consideration from the beginning -- because you have
to build as system which prevents a program BUG from doing
to the system and other users the same things which most malware
is designed to do.
More information about the mdlug
mailing list