RealTime IT News

Microsoft Preps Out-of-Band Patch for ASP.NET

Microsoft on Tuesday will push out a new fix to what it called an "important" security threat to its .NET framework when used on Windows Server operating systems.

As eSecurity Planet reports, the out-of-band patch resolves vulnerabilities first brought to light just over a week ago and will first be made available on the Microsoft Download Center.

Microsoft sent out an advance notification to server and security administrators on Monday afternoon in advance of the release of the Security Bulletin. ASP.NET is a part of the .NET Framework and is used to write Web sites, Web applications and Web services that run on Microsoft servers.

The company typically releases an advance notice prior to release of a patch in order to give administrators time to plan for testing and deployment.


Microsoft plans to deliver an out-of-band patch Tuesday for an encryption flaw in a key Internet server technology after "limited attacks" were spotted on the Web.

Although the flaw in what's known as ASP.NET is only ranked as "important" -- the second-highest rating in Microsoft's (NASDAQ: MSFT) four-tier bug severity ranking scale -- the company is moving quickly to block any more attacks.

Microsoft sent out an advance notification to server and security administrators on Monday afternoon in advance of the release of the Security Bulletin. ASP.NET is a part of the .NET Framework and is used to write Web sites, Web applications and Web services that run on Microsoft servers.

Read the full story at eSecurity Planet:
Microsoft Rushes Out Important ASP.NET Patch