Microsoft said today it will issue an emergency patch tomorrow to fix an important hole in the ASP.Net framework used to create Web sites.
The vulnerability was disclosed by Microsoft just over a week ago and later found to be used in limited attacks. It affects all versions of the .Net framework when used on Windows Server operating systems, according to the advisory.
Windows desktop systems are affected but not vulnerable unless they are being used to run a Web server, Microsoft said.
"Based on our comprehensive monitoring of the threat landscape, we have determined an out-of-band release … Read more