*>>**Seems like the threat from this one reached the critical level* I would say that it reached that level as soon as the exploit was publicly announced. Microsoft appeared to jump on it right away, and I'm hopeful that the right balance of speed and thoroughness has come into play here.
*ASB *(My XeeSM Profile) <http://XeeSM.com/AndrewBaker> *Exploiting Technology for Business Advantage...* * * On Mon, Sep 27, 2010 at 4:45 PM, Ziots, Edward <[email protected]> wrote: > Repost From Jason Cooper on alternative security list: > > > > Seems like the threat from this one reached the critical level and a fire > was lit under someones behind to make sure the patch was available > accordingly. I would put this pretty high on your patch list if you have > external facing ASP.NET based websites, which will need patching > accordingly. > > > > Microsoft has just announced that we are planning to release an out-of-band > security bulletin tomorrow, September 28, 2010 to address the recently > disclosed vulnerability in ASP.NET. > > > > > > > > The full version of the Microsoft Security Bulletin Advance Notification > can be found at > http://www.microsoft.com/technet/security/bulletin/ms10-sep.mspx. > > > > > > > > This is for the vulnerability first disclosed in Microsoft Security > Advisory 2416728: > http://www.microsoft.com/technet/security/advisory/2416728.mspx. > > > > > > > > For some additional context, please see the below blogs. > > > > > > > > http://blogs.technet.com/msrc/ > > > > http://blogs.technet.com/srd/ > > > > > > > > Please let us know if you have questions or information to share related to > this issue. > > > > > > > > Thanks, > > > > Jason > > > > > > > > Jason Cooper > > > > Security Program Manager > > > > Microsoft CSS Security > > > > +1 (425) 707-4121 > > > > [email protected]<mailto:[email protected]<[email protected]%3cmailto:[email protected]> > > > > > > > > Edward E. Ziots > > CISSP, Network +, Security + > > Network Engineer > > Lifespan Organization > > Email:[email protected] <email%[email protected]> > > Cell:401-639-3505 > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
