Microsoft reported a security vulnerability last week in ASP.NET, which is the platform that SharePoint runs on. If you have SharePoint 2007, WSS 3.0, or SharePoint 2010 server running on the Internet, then your server is exposed to this weakness.
According to Microsoft, an attacker could access files and information that are normally encrypted or should be otherwise inaccessible. The attacker could then send information back to your server in an attempt to further compromise it.
You can find a workaround to protect your servers from this attack on the Microsoft SharePoint Team Blog.
#Security #SharePoint