Republished with Permission - Original Article
A few hours ago we released a Microsoft Security Advisory about a security vulnerability
in ASP.NET. This vulnerability exists in all versions of ASP.NET.
This vulnerability was publically disclosed late Friday at a
security conference. We recommend that all customers immediately apply a
workaround (described below) to prevent attackers from using this vulnerability
against your ASP.NET applications.
Important Update: You can now download the official security
patch update here. Please install it ASAP on your servers – it is the
only way to protect against the vulnerability. You should no longer rely on the
below workaround and instead install the official security patch update
immediately to protect yourself.