Microsoft releases MS11-100 for Security Advisory 2659883

Discussion in 'Security Alerts' started by News, Dec 29, 2011.

  1. News

    News Extraordinary Robot
    News Feed

    Jun 27, 2006
    Likes Received:
    Today we released Security Update MS11-100 to address the issue described in Security Advisory 2659883.
    The security update has a severity rating of Critical and resolves a publicly disclosed remote unauthenticated Denial of Service issue in ASP.NET versions 1.1 and above on all supported versions of .NET Framework. Of note, the new method of hash collision attacks used to exploit this vulnerability is an industry-wide issue affecting various Web platforms, including ASP.NET.
    While we have seen no attacks attempting to exploit this vulnerability, we encourage affected customers to test and deploy the update as soon as possible. Consumers are not vulnerable unless they are running a Web server from their computer. More technical details can be found at the Security Research & Defense Blog.
    For all the latest information, you can also follow the MSRC team on Twitter at @MSFTSecResponse.
    Dave Forstrom
    Microsoft Trustworthy Computing



Share This Page