A new type of SQL attack surfaces, beware!
Posted: (EET/GMT+2)
I read with great interest an article in the latest MSDN Magazine about a new (to me, at least) type of SQL attack that is similar to the famous SQL injection attack. This time, it is about using single quote characters (') in input strings. So if you are using Microsoft SQL Server as your database, or another database that handles quotes the way SQL Server does, be sure to read this article and check your code.