• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

修复 ASP.NET security vulnerability

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

Just a few moments ago we posted new information and guidance related to the reported ASP.NET security vulnerability. This includes several pieces.

1) We updated
http://www.microsoft.com/security/incident/aspnet.mspx with new information about the reported vulnerability. This should help clear up some of the confusion we've seen about what is affected by the reported issue. To be super clear, customers with any ASP.NET deployments, on ALL OS's should follow the guidance provided.

2) We released a new HTTP Module mitigation best practice. This is in the form of an MSI installer that will help protect all ASP.NET applications on a Web server. This MSI installer will place a binary into the GAC and update the machine.config file for ASP.NET. Download information at
http://www.microsoft.com/downloads/details.aspx?FamilyID=da77b852-dfa0-4631-aaf9-8bcc6c743026&displaylang=en

One can also download the MSI directly at
http://download.microsoft.com/download/4/6/1/461433d5-cbac-4721-85cb-c5a514fd0049/VPModule.msi

3) We have posted detailed guidance about the HTTP Module, how the MSI works, and how to deploy it. You can find this KB Article at
http://support.microsoft.com/?kbid=887289

We will continue to update the Microsoft.com Security Incident page as new information / guidance becomes available so please let your customers know to check back often for new information. We will also continue to monitor the www.asp.net forums for customer questions.

 

http://www.microsoft.com/security/incident/aspnet.mspx for more information.

 

MS立志做得更好,也更加看重社区的力量。不错的新闻,不错的一天:)

 


鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
热门推荐
热门话题
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap