http://blogs.technet.com/bluehat/archive/2009/04/14/token-kidnapping-finally-patched.aspxHere I am again writing on MS BlueHat blog, this time about Token Kidnapping. The first time I talked about Token kidnapping was a long time ago and now after a year the issues detailed in the presentation are finally fixed. Let's see what happened. BeforeenCommunityServer 2.1 SP1 (Build: 61025.2)http://blogs.technet.com/bluehat/archive/2009/04/14/token-kidnapping-finally-patched.aspx#3234900Mon, 04 May 2009 17:54:29 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3234900gazanga<p>I'm glad this issue was resolved. &nbsp;I'm sure there could have been a quicker fix, but to resolve this in such a way to conform to RFC standards, and to avoid creating bigger problems, likely required additional work and patience. &nbsp;I, for one, appreciate the candor and full-disclosure of your post, Mr. Cerrudo.</p>