Hi,

This in an Email today from Microsoft on MSDN contents:

Reported Vulnerability in ASP.NET

Microsoft is continuing to investigate a reported vulnerability in Microsoft
ASP.NET. Reports have indicated that an attacker could send specially crafted
requests to a Web server running ASP.NET applications and bypass forms based
authentication or Windows authorization configurations, and potentially view
secured content without providing the proper credentials.
Our initial investigation has revealed that all versions of ASP.NET could be affected, independent of the installed IIS version or IIS components.
Microsoft strongly advises, as a preventative measure, that all Web content
owners and administrators who are running any version of ASP.NET immediately read and implement one of the suggestions made in the Microsoft Knowledge Base articles isted on this page.

Isn't life wonderful....