Open Source News » Slashdot: IT » Microsoft To Release Emergency Fix For ASP.NET Bug

Feeds

34738 items (30225 unread) in 5 feeds

OpenSource (5767 unread)

• SourceForge.net: Front page news (802 unread)
• Slashdot: IT (4965 unread)

Security (11370 unread)

• Digg / Security (11370 unread)

Linux (13088 unread)

• digg / Linux/Unix (11427 unread)
• Slashdot: Linux (1661 unread)

Slashdot: IT

• 

  Microsoft To Release Emergency Fix For ASP.NET Bug

  Posted: September 28th, 2010, 4:12am CEST by Soulskill

  Tags:  microsoft  

  Trailrunner7 writes "Microsoft on Tuesday will release an emergency out-of-band patch for the ASP.NET padding oracle attack that was disclosed earlier this month. The patch will only be available on the company's Download Center for the time being, however. The company is taking the step of releasing an emergency fix for the bug because of the seriousness of the vulnerability — which potentially affects millions of Web applications — and the fact that there are attacks ongoing against it already. The patch will fix the flaw in all versions of the .NET framework. Although Microsoft issued guidance about workarounds to defend against attacks on the ASP.NET bug shortly after it was publicly disclosed, the researchers, Juliano Rizzo and Thai Duong, said that the workarounds did not fully protect users against their attack."

  Read more of this story at Slashdot.