carguy84 - 6:42 am on Jun 12, 2010 (gmt 0)
Looks like a someone is going after servers running IIS using a specific malicious script to exploit a vulnerability contained within IIS.
It allows for mass SQL injections and reportedly 10s of thousands of sites are already effected.
So is it IIS or SQL Injection? They're pretty mutually exclusive as SQL injections come down to programming not platform.