You would think that Microsoft would know how to secure there own web application, however it looks like the UK Events section of the site was left open to XSS and SQL Injection attacks which caused Saudi Arabia hackers to deface the page. A video was online over the weekend showing how it was done, however has now been taken down. Hopefully it will make a reappearance.
I found it assuming.
Reported at:
http://www.theregister.co.uk/2007/07/02/ms_uk_defacement/ and http://www.zone-h.org/content/view/14780/31/