Vulnerability in ASP.NET Could Allow Information Disclosure:: Microsoft Security Advisory (2416728)

Here is the update and workaround about the vulnerability in ASP.NET: Microsoft is investigating a new public report of a vulnerability in ASP.NET. An attacker who exploited this vulnerability could view data, such as the View State, which was encrypted by the target server, or read data from files on the target server, such as web.config. This would allow the attacker to tamper with the contents of the data. By sending back the altered contents to an affected server, the attacker could observe the...(<a href="http://sqlserver-qa.net/blogs/dotnet_40/archive/2010/09/21/vulnerability-in-asp-net-could-allow-information-disclosure-microsoft-security-advisory-2416728.aspx">read more</a>)<img src="http://sqlserver-qa.net/aggbug.aspx?PostID=9568" width="1" height="1">