Home / bulletins MS09-036 - Important: Vulnerability in ASP.NET in Microsoft Windows Could Allow Denial of Service (970957) - Version:1.1
Posted on 20 August 2009
ImportantSeverity Rating: Important - Revision Note: Clarified in Frequently Asked Questions (FAQ) Related to This Security Update that this security update will only be offered when IIS 7.0 is installed. Added information to the FAQ for Remote Unauthenticated Denial of Service in ASP.NET Vulnerability – CVE-2009-1536 about the difference between Integrated Mode and Classic Mode in IIS 7.0. This is an informational change only. Customers who have successfully installed this update do not need to reinstall.Summary: This security update addresses a privately reported Denial of Service vulnerability in the Microsoft .NET Framework component of Microsoft Windows. This vulnerability can be exploited only when Internet Information Services (IIS) 7.0 is installed and ASP.
Other versions
- MS09-036 - Version: 1.0
- MS09-036 - Version: 1.1
