Microsoft will release an emergency out-of-band security update to address a vulnerability in ASP.NET that affects all versions of the .NET Framework running on Windows Server.The vulnerability – dubbed the Padding Oracle Exploit – abuses the way ASP.NET web applications handle encrypted session cookies and could potentially be used to hijack users' online banking sessions or other web transactions.
According to Microsoft, the emergency patch is due out later today.
Read more:
http://www.pcpro.co.uk/news/security/361489/microsoft-issues-emergency-fix-for-net-scare
Topic: Microsoft issues emergency fix for .NET scare (Read 1075 times)