Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Microsoft Confirms Attacks Targeting Critical ASP.NET Vulnerability

21 Sep 2010   #1
JMH

Win 7 Ultimate 64-bit. SP1.
 
 
Microsoft Confirms Attacks Targeting Critical ASP.NET Vulnerability

Quote:

Microsoft warns that active attacks are exploiting a recently disclosed vulnerability in all versions of .NET Framework, which affects the majority of ASP.NET applications.

"We've just updated Microsoft Security Advisory 2416728 as we've begun to see limited attacks with the ASP.NET vulnerability.

"We have added questions and answers and encourage customers to review this information and evaluate it for their environment," the Redmond giant announced via its Microsoft Security Response Center (MSRC) blog.

The vulnerability and attack methods, known as "oracle padding," have been demonstrated last Friday at the ekoparty Security Conference in Argentina by security researchers Juliano Rizzo and Thai Duong.

Microsoft has provided an workaround via its security advisory, which involves configuring ASP.NET applications to serve the same custom page for all types of errors.
More -
Microsoft Confirms Attacks Targeting Critical ASP.NET Vulnerability - Softpedia


My System SpecsSystem Spec
.

23 Sep 2010   #2
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

Thank you for the heads up JMH. For me waiting for the security KB always works better for me.
My System SpecsSystem Spec
Reply

 Microsoft Confirms Attacks Targeting Critical ASP.NET Vulnerability




Thread Tools





Similar help and support threads
Thread Forum
Microsoft Confirms Critical IE Bug, Works on Fix
Read more: Microsoft Confirms Critical IE Bug, Works on Fix - PCWorld
Security News
Microsoft Confirms x64 Windows 7 Aero Vulnerability
Source - Microsoft Confirms x64 Windows 7 Aero Vulnerability - In the Windows Canonical Display Driver - Softpedia
News
Microsoft confirms 0-Day IIS security vulnerability
Microsoft has confirmed officially a zero-day security vulnerability affecting Internet Information Services (IIS). The security hole was initially reported just ahead of Christmas on December 23rd, and the Redmond company provided the first response at the end of the past week. So far, the issue...
System Security
Microsoft reports attacks using IIS vulnerability
Microsoft reports attacks using IIS vulnerability Microsoft reports attacks using IIS vulnerability | Deep Tech - CNET News ~Lordbob
News
Microsoft Confirms Attacks Targeting Critical 0-Day Office Excel Vulnerability
more: Softpedia
Microsoft Office
Free Microsoft Security Tool Kills Worm Targeting Critical Windows Flaw
Microsoft has updated the Malicious Software Removal Tool, a free security tool the company is offering Windows users to fight specific malware, in order to defend themselves agaist a prevalent worm that targets a Critical Windows vulnerability. Back in October 2008, the Redmond company made...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 23:29.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App