{"id":3183,"date":"2008-06-24T18:36:00","date_gmt":"2008-06-24T18:36:00","guid":{"rendered":"https:\/\/blogs.technet.microsoft.com\/windowsserver\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/"},"modified":"2024-03-11T09:16:12","modified_gmt":"2024-03-11T16:16:12","slug":"urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/","title":{"rendered":"UrlScan 3.0 Beta and Tools to Help Mitigate SQL Injection Attacks"},"content":{"rendered":"\n<p>Microsoft published a <a href=\"http:\/\/www.microsoft.com\/technet\/security\/advisory\/954462.mspx\" target=\"_blank\" rel=\"noopener\">Security Advisory<\/a> today providing information for developers and Web administrators on ways in which they can mitigate and prevent SQL injection attacks. As you might have seen, there was <a href=\"http:\/\/news.cnet.com\/8301-10789_3-9930452-57.html\" target=\"_blank\" rel=\"noopener\">a spate of such attacks<\/a> in late April and it caused quite a few headaches for administrators. Remember that <a href=\"http:\/\/msdn.microsoft.com\/en-us\/library\/ms161953.aspx\" target=\"_blank\" rel=\"noopener\">SQL injection attacks target Web application code<\/a>, not Web server code, so they can only be avoided by making sure that any Web application that accepts user input, which is then used to query a database, follows best practices to ensure that the input does not contain malicious code or syntax that might compromise&nbsp;the database, Web site, or even the whole server.<\/p>\n\n\n\n<p>So the advisory today is not a security bulletin &#8211; there are no patches for IIS or SQL Server or ASP.NET to download. However, we are making available some tools that can help mitigate these attacks while the underlying Web application code is being fixed to <a href=\"http:\/\/msdn.microsoft.com\/en-us\/library\/ms994921.aspx\" target=\"_blank\" rel=\"noopener\">follow security best practices<\/a> for <a href=\"http:\/\/forums.asp.net\/t\/1254125.aspx\" target=\"_blank\" rel=\"noopener\">protecting against SQL injection<\/a>&nbsp;in <a href=\"http:\/\/msdn.microsoft.com\/en-us\/library\/cc676512.aspx\" target=\"_blank\" rel=\"noopener\">ASP<\/a> and <a href=\"http:\/\/msdn.microsoft.com\/en-us\/library\/ms998271.aspx\" target=\"_blank\" rel=\"noopener\">ASP.NET<\/a>. There is <a href=\"http:\/\/www.communities.hp.com\/securitysoftware\/blogs\/spilabs\/archive\/2008\/06\/23\/finding-sql-injection-with-scrawlr.aspx\" target=\"_blank\" rel=\"noopener\">a tool from HP<\/a> that tests sites to help identify pages that might be susceptible to SQL injection attacks, and also a <a href=\"http:\/\/support.microsoft.com\/kb\/954476\" target=\"_blank\" rel=\"noopener\">Microsoft Source Code Analyzer<\/a> from our SQL Server team that actually parses ASP code for data access commands that might be vulnerable to SQL injection.<\/p>\n\n\n\n<p>But the one that I&#8217;m most excited about is <a href=\"http:\/\/learn.iis.net\/page.aspx\/473\/using-urlscan\" target=\"_blank\" rel=\"noopener\">UrlScan 3.0 Beta<\/a>. As you may remember, UrlScan originally released with the <a href=\"http:\/\/www.microsoft.com\/technet\/security\/tools\/locktool.mspx\" target=\"_blank\" rel=\"noopener\">IIS Lockdown Tool<\/a> to help mitigate security vulnerabilities that affected IIS 5.0 in Windows 2000 Server. It&#8217;s an ISAPI filter that examines HTTP requests to check that URLs and other headers are not being padded with overlong strings or unusual characters as a way to conduct a buffer overflow attack. We haven&#8217;t updated this tool since we released <a href=\"http:\/\/technet.microsoft.com\/en-us\/security\/cc242650.aspx\" target=\"_blank\" rel=\"noopener\">UrlScan Version 2.5<\/a> alongside IIS 6.0, because most of the functionality is now available in IIS 7.0 as the <a href=\"http:\/\/learn.iis.net\/page.aspx\/143\/how-to-use-request-filtering\/\" target=\"_blank\" rel=\"noopener\">Request Filtering module<\/a>. But as of today, you can download <a href=\"http:\/\/www.microsoft.com\/downloads\/details.aspx?FamilyId=EE41818F-3363-4E24-9940-321603531989&amp;displaylang=en\">32-bit<\/a> and <a href=\"http:\/\/www.microsoft.com\/downloads\/details.aspx?FamilyId=361E5598-C1BD-46B8-B3E7-3980E8BDF0DE&amp;displaylang=en\">64-bit<\/a> versions of UrlScan 3.0 Beta, which extends the functionality to also examine the querystring part of the URL (i.e. the part that comes after a &#8220;?&#8221; in a URL &#8211; typically name\/value pairs or other parameters that are passed to a script or application). This can therefore help prevent SQL injection attacks while the underlying Web application code is fixed.<\/p>\n\n\n\n<p>Over on the <a href=\"http:\/\/www.iis.net\/\" target=\"_blank\" rel=\"noopener\">IIS.net<\/a> site, you can find a full <a href=\"http:\/\/learn.iis.net\/page.aspx\/473\/using-urlscan\" target=\"_blank\" rel=\"noopener\">walkthrough of the tool<\/a>, as well as some great articles by <a href=\"http:\/\/blogs.iis.net\/wadeh\/archive\/2008\/06\/24\/urlscan-v3-0-beta-release.aspx\" target=\"_blank\" rel=\"noopener\">Wade Hilmo<\/a> (the guy who wrote UrlScan) and <a href=\"http:\/\/blogs.iis.net\/nazim\/archive\/2008\/06\/05\/using-the-new-rules-configuration-in-urlscan-v3-0-beta-part-1.aspx\" target=\"_blank\" rel=\"noopener\">Nazim Lala<\/a>, another member of our IIS security team. They have full details on the tool and other security guidance you can follow to help protect your Web servers and applications.<\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft published a Security Advisory today providing information for developers and Web administrators on ways in which they can mitigate and prevent SQL injection attacks. As you might have seen, there was a spate of such attacks in late April and it caused quite a few headaches for administrators.<\/p>\n","protected":false},"author":685,"featured_media":20639,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"msxcm_post_with_no_image":false,"ep_exclude_from_search":false,"_classifai_error":"","_classifai_text_to_speech_error":"","footnotes":""},"post_tag":[26,8,23],"product":[961],"content-type":[958],"solution":[955,967],"coauthors":[926],"class_list":["post-3183","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","tag-iis","tag-longhorn","tag-windows-server","product-windows-server-2008","content-type-announcements","solution-admin-tools","solution-security","review-flag-1593580427-982","review-flag-2-1593580436-936","review-flag-3-1593580441-66","review-flag-5-1593580451-829","review-flag-6-1593580456-819","review-flag-7-1593580462-674"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>UrlScan 3.0 Beta and Tools to Help Mitigate SQL Injection Attacks | Microsoft Windows Server Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"UrlScan 3.0 Beta and Tools to Help Mitigate SQL Injection Attacks | Microsoft Windows Server Blog\" \/>\n<meta property=\"og:description\" content=\"Microsoft published a Security Advisory today providing information for developers and Web administrators on ways in which they can mitigate and prevent SQL injection attacks. As you might have seen, there was a spate of such attacks in late April and it caused quite a few headaches for administrators.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Windows Server Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/WindowsServer\" \/>\n<meta property=\"article:published_time\" content=\"2008-06-24T18:36:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-03-11T16:16:12+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-content\/uploads\/2024\/03\/Boardroom-meeting.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1170\" \/>\n\t<meta property=\"og:image:height\" content=\"640\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Microsoft Windows Server Team\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@WindowsServer\" \/>\n<meta name=\"twitter:site\" content=\"@WindowsServer\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Microsoft Windows Server Team\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 min read\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/author\/microsoft-windows-server-team\/\",\"@type\":\"Person\",\"@name\":\"Microsoft Windows Server Team\"}],\"headline\":\"UrlScan 3.0 Beta and Tools to Help Mitigate SQL Injection Attacks\",\"datePublished\":\"2008-06-24T18:36:00+00:00\",\"dateModified\":\"2024-03-11T16:16:12+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/\"},\"wordCount\":465,\"commentCount\":4,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-content\/uploads\/2024\/03\/Boardroom-meeting.jpg\",\"keywords\":[\"IIS\",\"Longhorn\",\"Windows Server\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/\",\"name\":\"UrlScan 3.0 Beta and Tools to Help Mitigate SQL Injection Attacks | Microsoft Windows Server Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-content\/uploads\/2024\/03\/Boardroom-meeting.jpg\",\"datePublished\":\"2008-06-24T18:36:00+00:00\",\"dateModified\":\"2024-03-11T16:16:12+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/#primaryimage\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-content\/uploads\/2024\/03\/Boardroom-meeting.jpg\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-content\/uploads\/2024\/03\/Boardroom-meeting.jpg\",\"width\":1170,\"height\":640,\"caption\":\"a group of people sitting at a table\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"UrlScan 3.0 Beta and Tools to Help Mitigate SQL Injection Attacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/\",\"name\":\"Microsoft Windows Server Blog\",\"description\":\"Your Guide to the Latest Windows Server Product Information\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/#organization\",\"name\":\"Microsoft Windows Server Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-content\/uploads\/2019\/08\/Microsoft-Logo.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-content\/uploads\/2019\/08\/Microsoft-Logo.png\",\"width\":1,\"height\":1,\"caption\":\"Microsoft Windows Server Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/WindowsServer\",\"https:\/\/x.com\/WindowsServer\",\"https:\/\/www.linkedin.com\/showcase\/microsoft-cloud-platform\/\",\"https:\/\/www.youtube.com\/user\/MSCloudOS\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"UrlScan 3.0 Beta and Tools to Help Mitigate SQL Injection Attacks | Microsoft Windows Server Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/","og_locale":"en_US","og_type":"article","og_title":"UrlScan 3.0 Beta and Tools to Help Mitigate SQL Injection Attacks | Microsoft Windows Server Blog","og_description":"Microsoft published a Security Advisory today providing information for developers and Web administrators on ways in which they can mitigate and prevent SQL injection attacks. As you might have seen, there was a spate of such attacks in late April and it caused quite a few headaches for administrators.","og_url":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/","og_site_name":"Microsoft Windows Server Blog","article_publisher":"https:\/\/www.facebook.com\/WindowsServer","article_published_time":"2008-06-24T18:36:00+00:00","article_modified_time":"2024-03-11T16:16:12+00:00","og_image":[{"width":1170,"height":640,"url":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-content\/uploads\/2024\/03\/Boardroom-meeting.jpg","type":"image\/jpeg"}],"author":"Microsoft Windows Server Team","twitter_card":"summary_large_image","twitter_creator":"@WindowsServer","twitter_site":"@WindowsServer","twitter_misc":{"Written by":"Microsoft Windows Server Team","Est. reading time":"2 min read"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/author\/microsoft-windows-server-team\/","@type":"Person","@name":"Microsoft Windows Server Team"}],"headline":"UrlScan 3.0 Beta and Tools to Help Mitigate SQL Injection Attacks","datePublished":"2008-06-24T18:36:00+00:00","dateModified":"2024-03-11T16:16:12+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/"},"wordCount":465,"commentCount":4,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/#organization"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-content\/uploads\/2024\/03\/Boardroom-meeting.jpg","keywords":["IIS","Longhorn","Windows Server"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/","url":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/","name":"UrlScan 3.0 Beta and Tools to Help Mitigate SQL Injection Attacks | Microsoft Windows Server Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-content\/uploads\/2024\/03\/Boardroom-meeting.jpg","datePublished":"2008-06-24T18:36:00+00:00","dateModified":"2024-03-11T16:16:12+00:00","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/#primaryimage","url":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-content\/uploads\/2024\/03\/Boardroom-meeting.jpg","contentUrl":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-content\/uploads\/2024\/03\/Boardroom-meeting.jpg","width":1170,"height":640,"caption":"a group of people sitting at a table"},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/2008\/06\/24\/urlscan-3-0-beta-and-tools-to-help-mitigate-sql-injection-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/"},{"@type":"ListItem","position":2,"name":"UrlScan 3.0 Beta and Tools to Help Mitigate SQL Injection Attacks"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/","name":"Microsoft Windows Server Blog","description":"Your Guide to the Latest Windows Server Product Information","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/#organization","name":"Microsoft Windows Server Blog","url":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-content\/uploads\/2019\/08\/Microsoft-Logo.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-content\/uploads\/2019\/08\/Microsoft-Logo.png","width":1,"height":1,"caption":"Microsoft Windows Server Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/WindowsServer","https:\/\/x.com\/WindowsServer","https:\/\/www.linkedin.com\/showcase\/microsoft-cloud-platform\/","https:\/\/www.youtube.com\/user\/MSCloudOS"]}]}},"word_count":450,"msxcm_display_generated_audio":false,"msxcm_animated_featured_image":null,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Windows Server Blog","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-json\/wp\/v2\/posts\/3183","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-json\/wp\/v2\/users\/685"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-json\/wp\/v2\/comments?post=3183"}],"version-history":[{"count":0,"href":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-json\/wp\/v2\/posts\/3183\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-json\/wp\/v2\/media\/20639"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-json\/wp\/v2\/media?parent=3183"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-json\/wp\/v2\/post_tag?post=3183"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-json\/wp\/v2\/product?post=3183"},{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-json\/wp\/v2\/content-type?post=3183"},{"taxonomy":"solution","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-json\/wp\/v2\/solution?post=3183"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/windows-server\/blog\/wp-json\/wp\/v2\/coauthors?post=3183"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}