Recently, Asp.net has a security vulnerability, which is originated from a topic about viewstate.ArticleDetailed introduction. I will not talk about it here.
Microsoft has released updates.
If you apply updates to the Web server, the web server will be offline for some time (although an OS should not need to be restarted ).Therefore, appropriate updates must be arranged and coordinated.
Importantly, if your website or applicationProgramIf multiple web pages are running on multiple Web servers, make sure that this update application is applied to all servers.Otherwise, the updated encrypted/signed ASP. net function behavior and the combination of patched and unpatched servers will cause incompatibility between the encrypted/signed behavior.
For more information, see
Http://weblogs.asp.net/scottgu/archive/2010/09/28/asp-net-security-update-now-available.aspx