http://blogs.technet.com/neilcar/archive/tags/asp.net/default.aspxTags: asp.neten-USCommunityServer 2.1 SP1 (Build: 61025.2)http://blogs.technet.com/neilcar/archive/2008/06/04/sql-storm-possible-asp-net.aspxThu, 05 Jun 2008 00:13:59 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3066167neilcar0http://blogs.technet.com/neilcar/comments/3066167.aspxhttp://blogs.technet.com/neilcar/commentrss.aspx?PostID=3066167<p>I&#8217;ve had an unconfirmed report that the SQL Storm attacks are now also affecting ASP.Net pages, specifically with a&#160; URL of http://www.chliyi.com/m.js (this appears to be offline currently but I wouldn't suggest browsing there...) being injected into those pages.&#160; My team hasn&#8217;t worked on any incidents yet so I can&#8217;t confirm that it is the same issue; however, it certainly looks very similar.</p> <p>This is a good time for me to remind everybody that Microsoft does provide no-cost support in the case of a security incident.&#160; If you&#8217;ve been affected, you can call 1-866-PCSAFETY in the United States &amp; Canada.&#160; Outside of that area, refer to <a href="http://support.microsoft.com/common/international.aspx?rdpath=4">http://support.microsoft.com/common/international.aspx?rdpath=4</a> to find the right contact information.&#160; </p> <p>(Thanks to Erwin Geirnaert for the heads-up.)</p><img src="http://blogs.technet.com/aggbug.aspx?PostID=3066167" width="1" height="1">SecuritySQLasp.net