Important: ASP.NET Security Vulnerability
On 17th of September 2010, we released a Microsoft Security Advisory about a security vulnerability in ASP.NET. This vulnerability exists in all versions of ASP.NET.
This vulnerability was publically disclosed late Friday at a security conference. We recommend that all customers immediately apply a workaround (described in the Scott Guthrie’s blog post in http://weblogs.asp.net/scottgu/archive/2010/09/18/important-asp-net-security-vulnerability.aspx or in the Microsoft Security Advisory ) to prevent attackers from using this vulnerability against your ASP.NET applications.