Microsoft updates ASP.NET Flaw CVE-2010-333 with fix
As mentioned earlier, the ASP.NET Session Security flaw has been keeping all .NET developers and Microsoft on the ball about possible exploits with their applications. Microsoft have updated their security advisory CVE-2010-333 with more information about the severity of the flaw – its taking Exchange and Sharepoint down with it too.
See Microsoft Security Bulletin MS10-070 for affected products and download the update fix for your setup
For ease of downloading, some configurations for you: