Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: MS OOB patch tomorrow for Security Advisory 2416728 - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
MS OOB patch tomorrow for Security Advisory 2416728

Microsoft is going to release an Out-of-Band Security bulletin tomorrow, 28 September 2010, which will address a security vulnerability in ASP.Net affecting all current versions of Windows.


Keep an eye on this one folks! More information is surely to follow.

Adrien de Beaupré Inc.

Adrien de Beaupre

353 Posts
ISC Handler
Sep 27th 2010
It is not clear to me if there is a difference of protection between the patch and the workaround is suffcient. If the workaround is applied should be still apply the emergency patch?
@Seccubus: one of the apparent authors of the attack wrote (9:21 PM Sep 25th at
"Another video may prove it all, but I'm tired. So believe it or not, Microsoft workarounds can't prevent the attack. Ask them for the patch!"

Hopefully the patch really fixes the problem...
Erik van Straten

129 Posts

Sign Up for Free or Log In to start participating in the conversation!