Microsoft security advisory 2659883 announces DoS vulnerability in ASP.NET

Microsoft released Security Advisory 2659883 today which outlines a vulnerability in ASP.NET which could permit a Denial of Service.

More information is available here:

Two notes from that page listed as “Mitigating Factors”:

  • By default, IIS is not enabled on any supported Windows operating system
  • Sites that disallow application/x-www-form-urlencoded or multipart/form-data HTTP content types are not vulnerable

Please visit the URL above to find out if your OS and version/s of the .NET Framework are affected. Basically it affects every OS, from Windows XP, Vista, 7, Server 2003, and Server 2008 R2, in 64 and 32 bit flavors, and just about every version of the .NET Framework.

Scroll down to the “Suggested Actions” section and read about “Workarounds” if you are using IIS.

If you are in the Greenville or Upstate, SC area and need assistance with this or any other computer service / support issue, please call us at 864.990.4748 or email

Leave a Reply

Your email address will not be published. Required fields are marked *