Microsoft has issued a security advisory regarding a vulnerability in their ASP.NET Framework code, particularly with regards to a vulnerability in the use of web.config files.
Information on the vulnerability is shown on this Microsoft webpage below:
We have found more details about the ASP.NET security concern on this webpage:
We recommend customer's utilizing ASP.NET in their website and with a web.config file, consider following the recommendations posted on the sites above. Please note this is an advisory and we are not endorsing other sites ideas on how to mitigate the security concern. We will continue to monitor Microsoft updates awaiting one from Microsoft to apply to our servers, if one is provided.