This site uses affiliate links as a means of monetization.
A serious vulnerability was found in Microsoft's ASP .Net web development framework that is described as follows:
in Microsoft .NET Framework 3.5 Service Pack 1 and above, this vulnerability can be used by an attacker to retrieve the contents of any file within the ASP.NET application, including web.config” and that “this vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server
Being that the severity of this patch is too high to allow them to wait until their next cycled patch release, they instead chose to release the following emergency fix: http://www.microsoft.com/technet/security/bulletin/MS10-070.mspx.
All users who are affected are strongly encouraged to patch immediately to avoid potential issues.