Patch available for ASP .NET Security Vulnerability

In our previous post ASP.NET Security Vulnerability : Discovered in September 2010, We have seen detailed information about security vulnerability which is discovered about a week ago.

Now Microsoft come up with the patch to solve the issue. Currently update is available with the Microsoft Download Center. Very soon Microsoft provide this update via Windows update service also. Follow the following link and download the appropriate link as per server configurations.

Download : Patch for ASP .NET Security Vulnerability

Read More

ASP.NET Security Vulnerability : Discovered in September 2010

On September 18, 2010, Micrsoft released a Microsoft Security Advisory about a security vulnerability in ASP.NET.  This vulnerability exists in all versions of ASP.NET.

What is this vulnerability?
An attacker can request and download restricted files of an ASP.NET Application like the web.config file (which often contains sensitive data). An attacker can also decrypt data sent to the client in an encrypted state (For eg. ViewState).

There are several ways to get rid of this security vulnerability until microsoft release a patch for it.

More information about security vulnerability and its solution
Please visit the following link to read more about vulnerability and also get idea about possible solution to overcome this security vulnerabilty.

Read More : ASP.NET Security Vulnerability

Read More