Published: October 5, 2004
Microsoft is currently investigating a reported vulnerability in Microsoft ASP.NET. An attacker can send specially crafted requests to the server and view secured content without providing the proper credentials. This reported vulnerability exists in ASP.NET and does not affect ASP.
This issue affects Web content owners who are running any version of ASP.NET on Microsoft Windows 2000, Windows 2000 Server, Windows XP Professional, and Windows Server 2003.
The underlying issue is that ASP.NET is failing to perform proper canonicalization of some URLs. Microsoft Knowledge Base (KB) article 887459, "Programmatically Checking for Canonicalization Issues with ASP.NET," describes how to add additional safeguards to an ASP.NET application to help protect against common canonicalization issues, such as those related to this reported vulnerability.
Microsoft recommends that Web site owners and developers read and implement the suggestions made in KB article 887459 in anticipation of a security update to mitigate this issue. Applying the KB article's guidance to your ASP.NET application will protect the application against all canonicalization problems known to Microsoft.
More in http://www.microsoft.com/security/incident/aspnet.mspx
Help, my PC with Windows 10 won't shut down properly
Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?