X
Business
Home Business Companies Microsoft

Microsoft warns of .NET vulnerability

Microsoft is warning people of a potentially serious vulnerability in its ASP.NET framework used to create Web sites.
Written by Natalie Gagliordi, Contributor

Microsoft is warning people of a potentially serious vulnerability in its ASP.NET framework used to create Web sites.

The hole affects all versions of the .NET framework and affects Windows XP, Vista, Windows 7, and Windows Server 2003 and 2008, company said in an advisory released late on Friday. "At this time we are not aware of any attacks using this vulnerability and we encourage customers to review the advisory for mitigations and workarounds," the company said in a blog post.

The vulnerability is caused by ASP.NET providing Web clients details in error messages when decrypting certain ciphertext, Microsoft said. An attacker could be able to read or tamper with data that was encrypted by the server, as well as read data from files on the target server.

For more on this story, read Microsoft warns of .NET vulnerability on CNET News.

Editorial standards
Show Comments

Related

Anker Solix X1

Not into the Tesla Powerwall? You can now buy the Anker Solix X1

windows-11-laptop

Microsoft is now showing ads in Windows 11's Start menu. Here's how to block them

Placeholder product image alt text

The best AI image generators to try right now