Saturday, September 18, 2010

ASP.NET security Vulnerability Found

Few hours ago Microsoft released a Microsoft Security Advisory about a security vulnerability in ASP.NET.  This vulnerability exists in all versions of ASP.NET. Microsoft recommend that all customers immediately apply a workaround to prevent attackers from using this vulnerability against your ASP.NET applications.

here are details and a workaround from Scott Guthrie’s Blog as it is…

-----

Important: ASP.NET Security Vulnerability

A few hours ago we released a Microsoft Security Advisory about a security vulnerability in ASP.NET.  This vulnerability exists in all versions of ASP.NET.

This vulnerability was publically disclosed late Friday at a security conference.  We recommend that all customers immediately apply a workaround (described below) to prevent attackers from using this vulnerability against your ASP.NET applications.

What does the vulnerability enable?

An attacker using this vulnerability can request and download files within an ASP.NET Application like the web.config file (which often contains sensitive data).

At attacker exploiting this vulnerability can also decrypt data sent to the client in an encrypted state (like ViewState data within a page).

 

Read more »
Posted by cognition at 7:45 PM 1 comments
Labels: , ,

Friday, September 17, 2010

Windows Phone 7 Developer Tools RTM now

Today Microsoft announced the final release of its Windows Phone 7 Developer tools (RTM) which will enable developers to create beautiful Windows Phone 7 apps that take advantage of the phone’s new application platform, unique features and capabilities. The developer community was very excited for this release specially from the day Microsoft announced its WP7 RTM and we are happy that as promised they released the RTM version of Developers tool on today.

Click here to download the web installer.

Click here to download ISO image.

as mentioned by Scott G on his blog, this download includes following tools which are required for any one to write an application for WP7, and good news is all these tools are FREE.
  • Visual Studio 2010 Express for Windows Phone – Free edition of VS 2010 for Phone development.
  • Express Blend 4 for Windows Phone – Free version of Blend for Windows Phone 7 Development.
  • Silverlight for Windows Phone 7 – Rich framework for building great applications for Windows Phone 7.
  • XNA Game Studio for Windows Phone 7 Rich framework that enables you to build great 2D and 3D games for Windows Phone 7.
  • Windows Phone Emulator – A hardware accelerated emulator that allows you to run and debug your applications and games without requiring a phone.
  • Phone Registration Tool – When you get a device, this allows you to “unlock” the device so you can run/debug your application on it, using your Marketplace account.
Read more »
Posted by cognition at 6:31 PM 0 comments
Labels: , , , ,
Subscribe to: Posts (Atom)