Blog | G5 Cyber Security

Microsoft Warns of Attacks Against ASP.NET Flaw

Microsoft is warning customers that it has seen ongoing attacks against the recently disclosed padding oracle vulnerability in ASP.NET. Microsoft is encouraging customers to implement a workaround that will help protect against the publicly disclosed exploit for the bug. The workaround causes applications to return the same error message regardless of what the actual error it encounters is. This prevents the server from sending error messages to the attacker that might give him important information about what error was caused on the application. Microsoft security officials said that they plan to release a patch for the flaw, although they have not specified any time frame for the release.

Source: https://threatpost.com/microsoft-warns-attacks-against-aspnet-flaw-092110/74498/

Exit mobile version