Microsoft released Security Advisory 2659883 today which outlines a vulnerability in ASP.NET which could permit a Denial of Service. More information is available here: http://technet.microsoft.com/security/advisory/2659883 Two notes from that page listed as “Mitigating Factors”: By default, IIS is not enabled on any supported Windows operating system Sites that disallow application/x-www-form-urlencoded or multipart/form-data HTTP content types are not vulnerable Please visit the …
Microsoft Security Advisory – Fraudulent Digital Certificates Could Allow Spoofing
Microsoft notifications sent this out in email today (November 10, 2011) regarding fraudulent digital certificates: ******************************************************************** Title: Microsoft Security Advisory Notification Issued: November 10, 2011 ******************************************************************** Security Advisories Updated or Released Today ============================================== * Microsoft Security Advisory (2641690) – Title: Fraudulent Digital Certificates Could Allow Spoofing – http://technet.microsoft.com/security/advisory/2641690 – Revision Note: V1.0 (November 10, 2011): Advisory published.