Wir haben eine Sicherheitslücke in ASP.NET (1.0 - 4.0)!

Microsoft Security Advisory 2416728: Vulnerability in ASP.NET Could Allow Information Disclosure
Friday, Sep 17

“…Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to produce useful information that could be used to try to further compromise the affected system.”

Die Fixes liegen im Microsoft Download Center mit Suchbegriff "MS10-070" (oder werden natürlich über Windows Update ausgeliefert)