Microsoft releases Security Advisory 2659883, offers workaround for industry-wide issue

Discussion in 'Security Alerts' started by News, Dec 28, 2011.

  1. News

    News Extraordinary Robot
    News Feed

    Jun 27, 2006
    Likes Received:
    Today we published Security Advisory 2659883 to provide a workaround to help protect ASP.NET customers from a publicly disclosed vulnerability that affects various Web platforms industry-wide. We are not aware of any attacks using this vulnerability, which affects all supported versions of .NET Framework, however we recommend customers use the mitigation and workaround described in the Advisory to help protect sites against this new method to exploit hash tables.
    Our teams are working around the clock worldwide to develop a security update of appropriate quality to address this issue. Meanwhile, our Security Research & Defense team has written a blog post to explain how to know if you are vulnerable and detect exploitation, as well as background on the workaround. We are also working closely with our Microsoft Active Protections Program (MAPP) to help our partners build protections when and where possible. We will continue to update customers with new information as it becomes available.
    For all the latest information, you can also follow the MSRC team on Twitter at @MSFTSecResponse.
    Dave Forstrom
    Microsoft Trustworthy Computing



Share This Page