MS OOB patch tomorrow for Security Advisory 2416728

Published: 2010-09-27. Last Updated: 2011-01-24 23:34:17 UTC
by Adrien de Beaupre (Version: 1)
2 comment(s)

Microsoft is going to release an Out-of-Band Security bulletin tomorrow, 28 September 2010, which will address a security vulnerability in ASP.Net affecting all current versions of Windows.

References:

http://www.microsoft.com/technet/security/advisory/2416728.mspx

http://blogs.msdn.com/b/sharepoint/archive/2010/09/21/security-advisory-2416728-vulnerability-in-asp-net-and-sharepoint.aspx

http://weblogs.asp.net/scottgu/archive/2010/09/24/update-on-asp-net-vulnerability.aspx

Keep an eye on this one folks! More information is surely to follow.

Cheers,
Adrien de Beaupré
Intru-shun.ca Inc.

Keywords: asp microsoft oob patch
2 comment(s)

Comments

It is not clear to me if there is a difference of protection between the patch and the workaround is suffcient. If the workaround is applied should be still apply the emergency patch?

Seccubus

Sep 28th 2010
1 decade ago

@Seccubus: one of the apparent authors of the attack wrote (9:21 PM Sep 25th at http://twitter.com/thaidn/):
"Another video may prove it all, but I'm tired. So believe it or not, Microsoft workarounds can't prevent the attack. Ask them for the patch!"

Hopefully the patch really fixes the problem...

Bitwiper

Sep 28th 2010
1 decade ago

Login here to join the discussion.


Top of page
Diary Archives