At http://www.darkreading.com/database-security/167901020/security/news/231901236/mass-sql-injection-attack-hits-1-million-sites.html there is a disturbing report on the extent of SQL injection attacks.
The atttack is not just SQL Injection attack but uses scripts to initiate "drive-by" downloads to the client PC?
What are you doing to secure your websites both externally facing and internally facing?
Are you installing a full-spectrum security solution such as Sunbelt's VIPRE on your client PC's?