Home
Build a PC

Build a PC Featured Content

Build It: Three Radeon HD 7970s—One Monster PC

Build a PC on Any Budget: Three Builds from $500 to $2000

Intel's Ivy Bridge: The Maximum PC Review

Kepler Unveiled: Nvidia's GTX 680 Benchmarked In-Depth!

Is Your SATA Cable Slowing Down Your Data Transfers? Max PC Investigates

All Build a PC Articles
Windows
Windows RSS
Windows Featured Content

Windows 8 on Arm – Everything You Need To Know About WOA

Looking Forward: Our Predictions for Windows 9

8 Things We Hate About Windows 8

8 Things We Love About Windows 8

The Big Guide: 20 Tips and Tricks to Get The Most Out of Windows 8

All Windows Articles
Best of the Best
Hardware
- Hardware Home
- CPU
- Memory
- Video Cards
- Cases
- Cooling
- Displays
- Motherboards
- Reviews
Hardware RSS
Hardware Featured Content

Build It: Upgrading an X58 Rig into a Gaming Powerhouse

Build a PC on Any Budget: Three Builds from $500 to $2000

PC Pr0n: 25 New, Kick-Ass Case Mods

Intel's Ivy Bridge: The Maximum PC Review

Gaming Showdown: Playstation Vita vs iPhone 4S

All Hardware Articles
Software
Software RSS
Software Featured Content

Windows 8 on Arm – Everything You Need To Know About WOA

8 Things We Hate About Windows 8

Install Windows 8 Today

Seven Ways to Stop Piracy WITHOUT DRM

In Search of the Suite Spot: 3 Media Creation Packages Face Off

All Software Articles
Gaming
- Gaming Home
- Reviews
- Hardware
- Software
- Gaming PCs
- Bioshock
Gaming RSS
Gaming Featured Content

The Game Boy: Game Endings Aren't Bad – They're Just Misunderstood

First Impressions: Diablo III's Hits, Misses, and Head-Scratchers

Never Be Productive Again: The 20 Best New Browser Games

Gaming Showdown: Playstation Vita vs iPhone 4S

Eurocom Neptune 3D Review

All Gaming Articles

Microsoft Security Advisory Warns of .NET Vulnerability

Posted 09/21/2010 at 7:19am | by Paul Lilly

2

Comments

Print

Microsoft this week updated one of its Security Advisory (2416728) detailing a vulnerability in ASP.NET that could allow hackers to sniff through your data.

"Microsoft is investigating a new public report of a vulnerability in ASP.NET. An attacker who exploited this vulnerability could view data, such as the View State, which was encrypted by the target server, or read data from files on the target server, such as web.config," the Security Advisory reads. "This would allow the attacker to tamper with the contents of the data. By sending back the altered contents to an affected server, the attacker could observe the error codes returned by the server. Microsoft is aware of limited, active attacks at this time."

The security hole affects all versions of the .NET Framework and several versions of Windows, including Windows 7, Vista, XP, Server 2003, Server 2008, and Server 2008 R2.

As of right now, there really isn't anything you can do, at least until Microsoft completes its investigation. When it does, the Redmond outfit said it may provide an out-of-cycle security update.

Tags:

2

Comments

Comments are closed on this article

svelasquez123

September 21, 2010 at 5:15pm

http://weblogs.asp.net/scottgu/archive/2010/09/18/important-asp-net-security-vulnerability.aspx

Infidelus

September 21, 2010 at 8:43am

Not true that there is nothing you can do. You can enable custom errors so that all errors of all types point to the save error page. This effectively shuts down the exploit because the attacker can't get incremental information on the cryptographic oracle. In fact, they posted that workaround to the dev community before it even made news.

Connect with MaximumPC

Featured Content

Diablo 3: Our First Impressions

We Want YOU

To apply for a job writing for Maximum PC

No BS Podcast #185: No Star Wars

The gang discusses the GTX 690, Trinity, Ivy Bridge, Amazon, big-box stores, MMOs,...

10 of the Biggest Tech Stories We All Got Wrong

Nvidia GTX 690 Benchmarked

Nvidia's dual-GPU Kepler Card: we've run the numbers!

This month's issue

Feature

Build a PC On Any Budget

Feature

Cloud Services Showdown

How-To

Encrypt Your External Drive

Build It

Upgrade an X58 Rig

Most Commented Articles

123Comments

Microsoft Plans to Kill the Aero UI Prior To Final...

96Comments

Install Windows 8 Today

91Comments

Kepler Unveiled: Nvidia's GTX 680 Benchmarked In-...

84Comments

Know The Difference: Phasers vs Blasters And 8 Other...

82Comments

YouTube Video Shows How "Real People" React...

Latest Max PC Tweets

maximumpc: Original RickRoll Video Returns to YouTube After 24-Hour Copyright Hiatus http://t.co/MaH9Sxyy1 day 21 hours ago
maximumpc: Corsair has decided not to go forward with its $78 million IPO, citing weak equity market conditions http://t.co/A5a4DAzj1 day 21 hours ago
maximumpc: Want to work at Maximum PC? Our Online Managing Editor, Alex, is moving away, so we need a new one. http://t.co/9Z7JCh0E3 days 19 hours ago

MaximumPC on Facebook

Recommendations

Microsoft Security Advisory Warns of .NET Vulnerability

Microsoft Security Advisory Warns of .NET Vulnerability

Here's What You Get:

More like this

Comments

svelasquez123

Infidelus

Log in to MaximumPC directly or log in using Facebook

Connect with MaximumPC

Featured Content

This month's issue

Feature

Feature

How-To

Build It

Buy Subscription

Most Commented Articles

Latest Max PC Tweets

MaximumPC on Facebook