Microsoft Fixes ASP.NET Zero-Day Flaw
by Tony Bradley, Yahoo News
Microsoft released Security Bulletin MS10-070 out-of-band today–a couple weeks ahead of the regularly scheduled Patch Tuesday for October. The update resolves a zero-day issue with ASP.NET that could allow an attacker to compromise information on all supported versions of Windows.
The details from the Microsoft security bulletin describe the zero-day vunerability. "An information disclosure vulnerability exists in ASP.NET due to improper error handling during
