Tuesday, July 15, 2008

Microsoft Source Code Analyzer for SQL Injection

With the recent mass SQL injection attacks, Microsoft has developed a new static code analysis tool for finding SQL Injection vulnerabilities in ASP code. Web developers can run the tool on their ASP source code to identify the root cause of the attack and address them to reduce their exposure to future attacks. You can download the tool from the Microsoft Download Center and use it on your own infrastructure to test. If you find any bug or what not, just go to this site to report it.

Now, this doesn't mean only web applications are prone to SQL injection attacks. Even Windows-based applications are so make sure you check them as well.

No comments:

Google