Microsoft issues emergency fix for .NET scare

Started by Simon, Sep 28, 2010, 21:29:29

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Simon

Sep 28, 2010, 21:29:29
Microsoft will release an emergency out-of-band security update to address a vulnerability in ASP.NET that affects all versions of the .NET Framework running on Windows Server.

The vulnerability – dubbed the Padding Oracle Exploit – abuses the way ASP.NET web applications handle encrypted session cookies and could potentially be used to hijack users' online banking sessions or other web transactions.

According to Microsoft, the emergency patch is due out later today.

Read more: http://www.pcpro.co.uk/news/security/361489/microsoft-issues-emergency-fix-for-net-scare
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Technical Ben

#1
Sep 29, 2010, 10:46:42
I'd like to see an entire programming language/os built from the ground up with a hard walled deign to block out any attempts to access something. Similar to putting your Iphone in a locked safe, but in a software way... oh wait, that's Linux...  :whistle:
I use to have a signature, then it all changed to chip and pin.
Print
Go Up Pages1
User actions