MS Sec Notification mailing list archives

Microsoft Security Advisory Notification

From: "Microsoft" <securitynotifications () e-mail microsoft com>
Date: Sat, 25 Sep 2010 02:40:45 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


********************************************************************
Title: Microsoft Security Advisory Notification
Issued: September 24, 2010
********************************************************************

Security Advisory Updated Today
==============================================

 * Microsoft Security Advisory (2416728)
  - Title: Vulnerability in ASP.NET Could Allow
    Information Disclosure
  - http://www.microsoft.com/technet/security/advisory/2416728.mspx
  - Revision Note: V1.2 (September 24, 2010): Added an entry to
    the FAQ to announce a revision to the workaround, "Enable a
    UrlScan or Request Filtering rule, enable ASP.NET custom
    errors, and map all error codes to the same error page."
    Customers who have already applied the workaround should
    reapply all listed steps.    


Other Information
=================

Follow us on Twitter for the latest information and updates:
http://twitter.com/msftsecresponse 

Recognize and avoid fraudulent e-mail to Microsoft customers:
=============================================================
If you receive an e-mail message that claims to be distributing
a Microsoft security update, it is a hoax that may contain
malware or pointers to malicious Web sites. Microsoft does
not distribute security updates via e-mail.

The Microsoft Security Response Center (MSRC) uses PGP to digitally
sign all security notifications. However, it is not required to read
security notifications, security bulletins, security advisories, or
install security updates. You can obtain the MSRC public PGP key at
https://www.microsoft.com/technet/security/bulletin/pgp.mspx.

To receive automatic notifications whenever Microsoft Security 
Bulletins and Microsoft Security Advisories are issued or revised,
subscribe to Microsoft Technical Security Notifications on
http://www.microsoft.com/technet/security/bulletin/notify.mspx.


********************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************

To cancel your subscription to this newsletter, reply to this 
message with the word UNSUBSCRIBE in the Subject line.  

To set your contact preferences for this and other Microsoft 
communications, see the communications preferences section of the 
Microsoft Privacy Statement at:
<http://go.microsoft.com/fwlink/?LinkId=92781>.

For the complete Microsoft Online Privacy Statement, see:
<http://go.microsoft.com/fwlink/?LinkId=81184>.

For legal Information, see:
<http://www.microsoft.com/info/legalinfo/default.mspx>.

This newsletter was sent by:
Microsoft Corporation
1 Microsoft Way
Redmond, Washington, USA
98052

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.9.0 (Build 397)
Charset: utf-8

wsFVAwUBTJ1Fa/SWSWlRYp1gAQjqRxAAl7ejEa79Vjp7VbDo/PpbTywmU6/uiuKh
e8cEPkTn/IhNynoMZ66HHoV4IwztK2E75f/KE+MnkLVbOinzGE5cisBnFWcippvY
QrOPJBILMUE7OBpYgaSMyUTnnXFju/+b0gNAazNPOsbrjpVbsT8StjUcLdfBMbx8
rIHUZKl9sCLiLk54Q6/gczm2tJ38cP5nN7v9ZbpxLSo278bEV5HgNsmPeYL30qEr
hj4o09sqW8c2MIP3D8bKKxEgNr7CvMoRRZ2KupMu7D4UIj6I32hPsQenhrUHAwiy
jAyt/O98pMg0AdX8wzBqkGqd04RlqwbXs08tjsv0AH8ihh2ljWuvCZim+CdnRHyw
V7ecGJjlrW2+6WS4CO0FSigHdJqWeaQVnrCLn4hGN/9qzwzYpHkCGwndbQ82KOou
AI8wHHFCZ21mMohmh4iGzOc009TCH/lfpMprFTYhUimxdIpsWpggIvQ74kzyiD6s
ICt3a0MoXbKuvfCIoEE7UYPLM+d2Ghsc3RRBylKkcVtejwey+THkzD+HqEBhkblB
Tl6qjautjL2Su5tpGV43vsSlp75afc8auWVq7nHtJv3U/7PyRMUyFHlIK0IRO669
2Que4YU4+bnPeSxeol4p/vkRyoT9FzGN//xBbMmsjanUQDzL9QUUqv1ZcXPUIGTM
bG+pfEexxP4=
=SFoa
-----END PGP SIGNATURE-----

Current thread:

Microsoft Security Advisory Notification Microsoft (Jul 16)
- <Possible follow-ups>
- Microsoft Security Advisory Notification Microsoft (Jul 19)
- Microsoft Security Advisory Notification Microsoft (Jul 20)
- Microsoft Security Advisory Notification Microsoft (Aug 10)
- Microsoft Security Advisory Notification Microsoft (Aug 23)
- Microsoft Security Advisory Notification Microsoft (Aug 31)
- Microsoft Security Advisory Notification Microsoft (Sep 14)
- Microsoft Security Advisory Notification Microsoft (Sep 17)
- Microsoft Security Advisory Notification Microsoft (Sep 24)
- Microsoft Security Advisory Notification Microsoft (Sep 25)
- Microsoft Security Advisory Notification Microsoft (Sep 30)