Microsoft Releases Security Bulletin (Out-of-Band) to Address Vulnerabilities in .NET Framework

On Thursday, December 29, 2011, Microsoft released MS11-100 to protect customers against the industry-wide issue described in Security Advisory 2659883. The security update resolves a publicly disclosed, remote unauthenticated Denial of Service issue in ASP.NET versions 1.1 and above, on all supported versions of the .NET Framework. Please note that systems are not vulnerable unless they are running a Web server. Microsoft is currently unaware of any attacks targeting ASP.NET, but New Signature encourages affected customers to test and deploy the update as soon as possible.