Today Microsoft released to the web UrlScan 3.0 for Internet Information Service (IIS) which is helping to correct and prevent possible SQL injection attacks. 

UrlScan 3.0 is a security tool that restricts the types of HTTP requests that IIS will process. By blocking specific HTTP requests, the UrlScan 3.0 security tool helps to prevent potentially harmful requests from reaching applications on the server.

 

UrlScan 3.0 is an update to UrlScan 2.5 and requires IIS 5.1 or later, including the latest IIS 7.0 on Windows Server 2008.

 

For more information check out the Windows Server Division blog. Other resources include: Internet Information Services (IIS) blog, Engineering Blog and Using UrlScan.