Esiste una pagina da tenere d'occhio per essere aggiornati sul rilascio delle patch e dei tool che sarannno rilasciati per gestire il problema: http://www.microsoft.com/security/incident/aspnet.mspx
We have created a security incident landing page that recognizes our knowledge of the reported vulnerability and will become a living document where we post updates as our investigation continues. This should be the direct landing point for customers seeking information and is found at http://www.microsoft.com/security/incident/aspnet.mspx
We have created a KB article that provides prescriptive guidance on how to protect against canonicalization issues immediately on their site. This KB will help developers protect themselves on a per application basis. The Microsoft Knowledge Base article can be viewed here: http://support.microsoft.com/?kbid=887459
posted @ mercoledì 6 ottobre 2004 12:27