ASP.Net zero day vulnerability - Padding Oracle exploit

 An ASP.Net cryptograhic zero day was publicly disclosed today.

Microsoft has released an advisory to help customers understand the vulnerability and apply workarounds to secure their sites. The advisory is at

The Microsoft Security Response Center (MSRC) has released a blog at

The Security Research & Defense (SRD) team at Microsoft has also released a blog that contains a script to help detect vulnerable installations. The blog is located at

You can check out more details on Scott Guthrie’s blog at


No Comments