RSS
 

Posts Tagged ‘IIS’

Security Vulnerability Detected in ASP.NET

21 Sep

This is a quick post to inform the users of our group that a security vulnerability was found in ASP.NET that could potentially allow a Malicious Party access to your web.config file.  As you know there are a number of settings in the web.config that would be harmful in the wrong hands, including the Connection String to a (or multiple) Database(s), Encryption Key information (Machine Key), as well as SMTP or Impersonation details which could give the Hacker access to a Windows System Account, or an Administrative Email Account.

Be sure to ready Scott Guthrie’s Post “Important: ASP.NET Security Vulnerability” which will outline the potential threats in more detail.

For a script to detect if you are Vulnerable to this attack read Microsoft Security Research and Defense entry.

There is also a newer update by the Microsoft Security Response Center which includes a twitter account [@MSFTSecResponse] which will give more up-to-date coverage as new developments unfold.

Please make sure to make your superiors aware of this threat as it affects mostly all installations/Versions of ASP.NET on a wide range of Operating Systems.

 
No Comments

Posted in Announcements

 

Microsoft Event: Make Web Not War

15 Mar

MWNW_LOGO_VECTOR The Open Source conference Confoo put on by PHP Quebec in Montreal has just wrapped up. This three day Open Source event featured speakers from Google, Microsoft, and Facebook.

During the Event Microsoft was promoting their next event Make Web Not War which was held in Toronto last year for an admission price of a $10 Donation. To view highlights of last years events, take a look back at MWNW ‘09. In attendance last year were two of our very own Guelph Coffee and Code attendees Andrew Dupe and Justin Walker.

This year’s Make Web Not War event will be held in Montreal. Be sure to check out the list of hotels, and other attractions, and Register to attend the event before April 20th, 2010.

FTW_LOGO_VECTOR

Currently running is the For The Web Competition which is a part of the Make Web Not War Conference.  For The Web Registration is now open so be sure to Register. Submissions must be entered by May 10th, 2010.

Prizes Include a number of Dell Laptops, as well as a number of bonus add on prizes for those that are the best in their particular category. Feel free to bring your For The Web submissions into Guelph Coffee and Code if you need some assistance.

 
No Comments

Posted in Technology Events