In this webinar, our experts showcase a variety of demo use cases of how different components of the...
Recently there has been a lot of discussion around a new vulnerability in the way asp.net handles errors. The details are here:
https://www.microsoft.com/technet/security/advisory/2416728.mspx
Microsoft is still working on a patch, but there are ways to immediately mitigate the risks. For dynamics CRM 4, Microsoft has released a temporary update:
http://support.microsoft.com/default.aspx?kbid=2421203
In addition, we advise you to monitor your application logs for a message similar to this:
Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 11/11/1111 11:11:11 AM
Application information:
Application domain: c1db5830-1-129291000036654651
Application Virtual Path: /
Exception information:
Exception type: CryptographicException
Exception message: Padding is invalid and cannot be removed.
If you see the above, this means that someone or some automated scanning tool is trying to exploit this vulnerability.