Hackers are in the midst of a massively successful SQL injection attack targeting websites built on Microsoft’s ASP.Net platform. About 180,000 pages have been affected so far, security researchers say.
Fortunately, the attack will only be successful if the user uses an outdated or unpatched browser without the latest version of Adobe Reader, Flash, or Java.
In the company I worked for, the system administrator only released new updates once a month. If this is also the case for many other companies, this window of time would allow for such an attack to be successful. This is always the challenge in computer security. Simply keeping up with the latest threats is a job in and of itself.