Microsoft is denying that a recent rash of Web server attacks are the company’s fault.

In a blog posted late Friday night, Bill Sisk, of the Microsoft Security Response Center, wrote that the attacks are not due to any new or unknown security flaws in Internet Information Services or Microsoft SQL Server. Rather, he says, the attacks are made possible by SQL injection exploits and points Web developers to the company’s list of best practices to prevent such attacks.

Ongoing attacks have affected half a million Web pages, compromising them so they serve up malware, according to several reports. The hacked sites include government sites in the U.K. and sites belonging to the United Nations.

All it takes for a user’s computer to become infected is a visit to a compromised site. While viewing that site, the injected Javascript loads a file named 1,js. The file is located on a malicious server, which then attempts to execute eight different exploits targeting Microsoft applications.

For those who have trouble finding their old commands in Office’s new Ribbon interface, Microsoft has a new option: search for it.

On Monday, the company is releasing an Office add-on called search commands that lets users type the function they are looking to do. After months of testing it internally, Microsoft is ready to give the public a chance to try it out. But the new tool won’t be found on Microsoft’s main Web site.

Rather, it will be available via a new effort, dubbed Office Labs. Spearheaded by Microsoft veteran Chris Pratley, Office Labs is Microsoft’s attempt to test out productivity ideas that may–or may not–be ready for prime time.

In an interview, Pratley said Office Labs is designed to try out anything from just a feature to an entire new product concept. The goal is to get feedback early on, before deciding where to put the big development dollars.

“It’s kind of expensive to make an entire product and then put it out there and see if it’s any good,” he said. Pratley knows firsthand. He was among those who helped create the Office OneNote application earlier this decade after spending the 1990s working on Word and Excel.

Black Duck Software plans to announce Monday that it has purchased the assets of Koders, maker of a code search engine and other tools, for an undisclosed sum.

Black Duck sells products and services based around the use of open-source and third-party code in software development projects.

“We believe that by doing this acquisition, we expand our reach into the developer community,” said Black Duck CEO Douglas Levin.

Koders competes with Krugle, which recently launched the 2.0 version of its code search appliance. While Black Duck considered purchasing other companies, Levin declined to provide any details of those discussions or name the vendors.