Emailing "SMK: No Protection Against SQL Injection"
In his blog entry, [Kaspersky attack should have us all worried](http://blog.internetnews.com/skerner/2009/02/kaspersky-attack-should-have-u.html), internetnews.com's Sean Michael Kerner writes, "The reality from where I sit is that anti-virus software cannot stop a SQL injection attack."
Recently, the security company Kaspersky admitted that it was the victim of such an attack and has hired a noted expert, David Litchfield, to check the company's databases.
As the services we offer become more complex, and as we access our systems from an ever more diverse suite of endpoints, security may seem to be impossible.
Progress in security is only possible as long as companies are willing, like Kaspersky, to admit when vulnerabilities are exploited. The internet community should praise Kaspersky for its courage.