Microsoft security advisory 2659883 announces DoS vulnerability in ASP.NET

Microsoft released Security Advisory 2659883 today which outlines a vulnerability in ASP.NET which could permit a Denial of Service. More information is available here: Two notes from that page listed as “Mitigating Factors”: By default, IIS is not enabled on any supported Windows operating system Sites that disallow application/x-www-form-urlencoded or multipart/form-data HTTP content types are not vulnerable Please visit the …

Microsoft Security Advisory – Fraudulent Digital Certificates Could Allow Spoofing

Microsoft notifications sent this out in email today (November 10, 2011) regarding fraudulent digital certificates:   ******************************************************************** Title: Microsoft Security Advisory Notification Issued: November 10, 2011 ********************************************************************   Security Advisories Updated or Released Today ==============================================   * Microsoft Security Advisory (2641690) – Title: Fraudulent Digital Certificates Could Allow Spoofing – – Revision Note: V1.0 (November 10, 2011): Advisory published.