Microsoft will release an emergency out-of-band security update to address a vulnerability in ASP.NET that affects all versions of the .NET Framework running on Windows Server.
The vulnerability – dubbed the Padding Oracle Exploit – abuses the way ASP.NET web applications handle encrypted session cookies and could potentially be used to hijack users' online banking sessions or other web transactions.
According to Microsoft, the emergency patch is due out later today.
Read more: http://www.pcpro.co.uk/news/security/361489/microsoft-issues-emergency-fix-for-net-scare
I'd like to see an entire programming language/os built from the ground up with a hard walled deign to block out any attempts to access something. Similar to putting your Iphone in a locked safe, but in a software way... oh wait, that's Linux... :whistle: