CSOonline

Critical ASP.NET core vulnerability earns Microsoft’s highest-ever severity score

The Kestrel web server flaw allows request smuggling attacks, but the actual risk depends on the application code and deployment. Microsoft has patched a critical vulnerability in ASP.NET Core that ...
InfoWorld

Don’t use public ASP.NET keys (duh), Microsoft warns

Microsoft Threat Intelligence has identified 3,000 ASP.NET keys disclosed in code documentation and repos that could be used in code injection attacks. Microsoft Threat Intelligence in December ...
Redmond Magazine

Microsoft Warns of ViewState Code Injection Attacks Using Publicly Disclosed Machine Keys

Microsoft Threat Intelligence has identified a limited attack campaign leveraging publicly available ASP.NET machine keys to conduct ViewState code injection attacks. The attacks, first observed late ...
Bleeping Computer

Microsoft says attackers use exposed ASP.NET keys to deploy malware

Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP. NET machine keys found online. As Microsoft Threat Intelligence experts recently discovered, ...
Visual Studio Magazine

How to Do Web Forms in VS 2022 (Even Though Microsoft Recommends Blazor/.NET 6)

Microsoft last week set the record straight that Web Forms, part of ASP.NET from the old .NET Framework, isn't going away in Visual Studio 2022, though it recommends Blazor as a .NET 6 alternative. It ...
GitHub

asp-net-web-forms

Library for deploying the OnTopic CMS to an ASP.NET Web Forms based website. This library is deprecated in favor of `OnTopic-MVC` or `OnTopic-AspNetCore`. ASP.NET Web Forms version of an editor for ...