A few days after MIcrosoft released a patch to fix a vulnerability in ASP.NET that could enable a denial-of-service attack, someone has released exploit code for the vulnerability. The code is designed to exploit a recently discovered vulnerability that s related to the way that the software handles certain HTTP post requests. The vulnerability was first disclosed in late December at the Chaos Communications Congress in Germany. Microsoft shipped an emergency patch for the flaw on Dec. 29, recommending that users install it as quickly as possible.
Source: https://threatpost.com/exploit-code-released-aspnet-flaw-010912/76073/