This morning Microsoft released a security update that addresses the ASP.NET Security Vulnerability that I’ve blogged about this past week.
From Scott Guthrie’s blog post we learn that the update should not require any code or configuration change to your existing ASP.NET applications. Also, if you apply the update to a live web-server, there will be some period of time when the web-server will be offline (although an OS reboot should not be required). You’ll want to schedule and coordinate your updates appropriately.
If you want to apply the update right now, you can go to the microsoft download center and download it. The update will also be released in the next scheduled Windows Update and Windows Server Update.
19 great tips to enhance your SQL Server security
Intro to LDAP injection
The LoginProperty function in SQL Server 2005
Google Translator Hacked
SQL Injection joke