Stark Raving MOD
Out of Band .NET update - MS11-100
This security update resolves one publicly disclosed vulnerability and three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of these vulnerabilities could allow elevation of privilege if an unauthenticated attacker sends a specially crafted web request to the target site. An attacker who successfully exploited this vulnerability could take any action in the context of an existing account on the ASP.NET site, including executing arbitrary commands. In order to exploit this vulnerability, an attacker must be able to register an account on the ASP.NET site, and must know an existing user name.
This security update is rated Critical for Microsoft .NET Framework 1.1 Service Pack 1, Microsoft .NET Framework 2.0 Service Pack 2, Microsoft .NET Framework 3.5 Service Pack 1, Microsoft .NET Framework 3.5.1, and Microsoft .NET Framework 4 on all supported editions of Microsoft Windows.
Last edited by Midknyte; 12-30-2011 at 02:03 PM.
New Security Features Planned for Firefox 4
Another Laptop Theft Exposes 21K Patients' Data
Oracle Hits to Road to Pitch Data Center Plans
Microsoft Preps Array of Windows Patches
Microsoft Nears IE9 Beta With Final Preview
Simplified Analytics Improve CRM, BI Tools
Android Passes RIM as Top Mobile OS in 2Q
VMware Updates Hyperic System Management
File Monitoring Key to Enterprise Security
LinkedIn Snaps Up SaaS Player mSpoke