The flaw lets attackers intercept secure SSL communications between computers using what’s known as a man-in-the-middle attack. Security experts say the flaw has probably existed for years, but it is not thought to have been exploited in any attacks. The bug was inadvertently disclosed on an obscure mailing list Wednesday, forcing vendors into a mad scramble to patch their products. The issue was discovered in Auguust by researchers at PhoneFactor, a mobile-phone security company, who had been working with a consortium of technology vendors to coordinate an industry wide fix.”]
Source: https://www.csoonline.com/article/2124531/vendors-scrambling-to-fix-bug-in-net-s-security.html