Microsoft has released a security advisory to alert users of a vulnerability affecting ASP.NET. Exploitation of this vulnerability may allow an attacker to obtain sensitive information or tamper with data.

US-CERT encourages administrators to review Microsoft security advisory 2416728 and apply…

Read more at: US-CERT Current Activity

Microsoft has released a security advisory to alert users of a vulnerability affecting ASP.NET. Exploitation of this vulnerability may allow an attacker to obtain sensitive information or tamper with data.

US-CERT encourages administrators to review Microsoft security advisory 2416728 and apply any necessary workarounds until a fix is released by the vendor.

Update: Microsoft has
indicated that this vulnerability affects all applications that rely on
the ASP.NET platform. Microsoft has also updated the security advisory
to include additional workaround details. The Microsoft SharePoint Team
has updated its blog entry “Security Advisory 2416728 (Vulnerability in ASP.NET) and SharePoint” to assist users in how to mitigate these risks in SharePoint.

US-CERT will provide additional information as it becomes available.

Read more at: US-CERT Current Activity