Information that makes life easier when it comes to installing, managing, and using Windows Vista.
Start About FAQ Blogroll Shop

ITsVISTA KB-Link: KB970957

Vulnerability in ASP.NET in Microsoft Windows Could Allow Denial of Service

UpdatesDescription: This security update addresses a privately reported Denial of Service vulnerability in the Microsoft .NET Framework component of Microsoft Windows. This vulnerability can be exploited only when Internet Information Services (IIS) 7.0 is installed and ASP.NET is configured to use integrated mode on affected versions of Microsoft Windows. An attacker could create specially crafted anonymous HTTP requests that could cause the affected Web server to become non-responsive until the associated application pool is restarted. Customers who are running IIS 7.0 application pools in classic mode are not affected by this vulnerability. The security update addresses the vulnerability by changing the way ASP.NET manages request scheduling.

Update type: Important

Release date: August 11, 2009

Applies to: All versions

Knowledge base:

Download link: 32-bit | 64-bit
Comments:Here are the specifics on the vulnerabilities covered by this update:

  • Remote Unauthenticated Denial of Service in ASP.NET Vulnerability – CVE-2009-1536
There is a download that resolves this issue.
32-bit Download: Contact Microsoft
64-Bit Download: Contact Microsoft

For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB970957.

Get notified of new posts for FREE via RSS or E-mail

Subscribe to ITsVISTA!

Related Posts