Just before the week-end, in the evening of September 17, information was released about a severe security vulnerability in ASP.NET, for which already an exploit was made publicly available. Using this exploit, a hacker could access to sensitive data of a website.
We were immediately at high alert, since the “researchers” used DotNetNuke as a sample application to show how easy it was to gain highest access rights to an ASP.NET application.
As more information surfaced during Saturday we began checking and patching our servers, which was completed in the afternoon. As from that point in time all ASP.NET sites running on our servers are safe from this exploit.
More information about this vulnerability can be found here: