Run a ASP.Net site/service? Update now... (Vulnerability in ASP.NET Could Allow Denial of Service and Vulnerabilities in .NET Framework Could Allow Elevation of Privilege)

A few minutes ago Microsoft released an advance notification security bulletin announcing that we are releasing an out-of-band security update to address an ASP.NET Security Vulnerability.

The security update we are releasing resolves a publicly disclosed Denial of Service issue present in all versions of ASP.NET. We’re currently unaware of any attacks on ASP.NET customers using this exploit, but we strongly encourage customers to deploy the update as soon as possible.

We are releasing the security update via Windows Update and the Windows Server Update Service. You can also manually download and install it via the Microsoft Download Center. We will release the update on Thursday, December 29th at approximately 10am Pacific Time (US and Canada). We are announcing it ahead of time to ensure that administrators know that the security update is coming, and are prepared to apply it once it is available.

Read more: Greg's Cool [Insert Clever Name] of the Day
Read more: ASP.NET Security Update Shipping Thursday, Dec 29th
QR:

Posted via email from Jasper-net