Microsoft releases out-of-band security fix for Windows

By Matthew ยท 5 replies
Sep 29, 2010
Post New Reply
  1. Microsoft today published an out-of-band security update (MS10-070) to fix a flaw in ASP.NET that is being exploited in the wild. The vulnerability could allow an attacker to compromise data on Windows machines ranging from XP and Server 2003 through Windows 7 and Server 2008 R2.

    Read the whole story
  2. Gars

    Gars TS Booster Posts: 232

    the article match with my problem
    - on 64 W7 its need to restart
    - the simple XP (32) dosent need restart

    thats ring me a bell that tell me about "64bit security" work arounds
  3. natefalk

    natefalk TS Rookie Posts: 78

    The main problem is that this vulnerability allows the attacker to download the web.config file... Since most web.config files contain passwords to databases and connection strings, this is obviously a major problem.

    There is a workaround that has been out for a week or so... My question is, how did this get overlooked for so long?
  4. What do you mean by out of band? Unix / Network devices have an separate network which connects to system consoles for out of band management.
  5. Per Hansson

    Per Hansson TS Server Guru Posts: 1,958   +215

    Guest2; An "out of band" security update in MS jargon is an update that is released outside the normal "patch Tuesday"
    -That is the second Tuesday each month when Microsoft releases their patches (Makes an admins life easier since we know when the patches will be coming out, so we have something to plan for)

    Obviously some updates are so important that they can not wait for the "patch Tuesday" and henche are releases when they are completed "out of band"
  6. jobeard

    jobeard TS Ambassador Posts: 11,131   +982

    In addition, the out-of-band fix is to the .Net facilities which are NOT germane to Unix/Linix systems.

    Great puzzlement why a Linx comment appears in a clearly Windows topic :eek:

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...