This release is a content update.
- Content updates include new checks for vulnerabilities, patch verification, and compliance with security policies.
- Product updates include performance improvements, bug fixes, and new features.
Vulnerability checks for Microsoft Security Bulletin MS10-070
- Vulnerability checks have been added to provide up-to-date scan coverage for Microsoft Security Bulletin MS10-070, which concerns the "padding oracle" attack. This attack, which is under active exploitation, could allow a malicious user to read, or tamper with, data from servers running ASP.NET. Use these checks to verify that the latest Microsoft patches have been applied to system assets.
List of checks
- MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure