Today Microsoft released the update for a publicly-disclosed vulnerability affecting ASP.NET servers to all their standard distribution channels, including Windows Update and WSUS (Windows Server Update Services).
The update, designated MS10-070, was released two days ago to the Microsoft Download Center so that administrators could begin to test it on their applications.
The update will show up for all users with all versions of the .NET framework, so if you’re on a desktop system that doesn’t do web serving it’s not a really high priority to apply the update. In fact, one could argue that it doesn’t really matter for desktops, unless they are running development IIS web servers and those servers are available to untrusted users.
For servers it’s a clearly important update, but not of the “drop everything and apply this now” type. You should test it. And if you don’t do .NET applications on the server you shouldn’t need it (but then you shouldn’t need the .NET Framework either).
View full post on Security Watch
Related Posts
- Microsoft Releases Out Of Band Update For ASP.NET Flaw
Microsoft today released a security bulletin and "out of band" update for a vulnerability affecting ASP.NET applications.
The early analysis on this vulnerability has called it extremely ser... - Microsoft Releases ASP.NET Fix
On Thursday, Microsoft released the update for a publicly-disclosed vulnerability affecting ASP.NET servers to all their standard distribution channels, including Windows Update.
View full ... - Microsoft Releases “Out of Band” IE Update
Microsoft has released a new patch for Internet Explorer, and no, your calendar isn't off, this is NOT the Second Tuesday of the month. According to the Microsoft Security Advisory, updated today, th... - Silverlight Update Available, (Thu, Apr 21st)
Microsoft has issued a security patch for Silverlight KB2526954. It fixes several security issues. However, the Microsoft link to KB2526954 is still not live. If you have Microsoft update running, it ... - Patchday: Fresh releases from Microsoft and Google
As announced last Friday, Microsoft released 3 Security Bulletins which deal with patches for 4 security vulnerabilities. One of them is rated critical and resides within the DirectShow framework for ... - Microsoft update for restricting the USB Autorun
Microsoft has released an "important, non-security update" ( KB971029) that restricts Autorun entries in the AutoPlay dialog to only CD and DVD drives.
This update is apply for Windows XP/Vista/no... - Windows Phone 7 update bricks some handsets – Microsoft in security middle ground
Microsoft tried to push an update to their newly released Windows Phone 7 this week and accidentally bricked some Samsung-branded handsets.
Microsoft has since pulled the update, but only for the Sams... - Anatomy of a Biting Bunny – The Infected Microsoft Catalog Update
Aryeh Goretsky posted a blog about a trojan program in a Microsoft catalog update. I thought it might be a little interesting to know how this can happen and why it doesn’t happen more often.
A... - Microsoft re-issues Outlook 2007 update after Dec. blunder
Nearly a month after it yanked an Outlook 2007 update over connection and performance problems, Microsoft has re-released the patch to correct its mistakes.
Full story: Computerworld Security New... - Apple Releases Vast OS X Security Update
Apple released today an update to OS X of possibly unprecedented proportions, addressing 131 separate vulnerabilities, one over 2 years old.
View full post on PCMag.com Security Coverage...
Posted on 01 October 2010. Tags: ASP.NET, Automatic, Channels, Microsoft, Releases, Update
