We recommend immediately applying the security update to your servers in order to protect your applications against attackers trying to exploit them.  We’d like to thank Juliano Rizzo and Thai Duong, who discovered that their previous research worked against ASP.NET, for not releasing their POET tool publicly before our update was ready.

You can ask questions and get help with the security vulnerability and update in a special ASP.NET Forum that we have setup here.  If you have problems or questions you can also contact Microsoft Customer Support for help (including support over the phone with a support engineer).  The official Microsoft Security Bulletin post is here.

Thanks,

Scott