Over the weekend a Microsoft Security Advisory was released about a security vulnerability in all versions of ASP.NET. Scott Guthrie’s blog has complete details of this issue and a workaround to protect your sites.
It is important to remember that SharePoint 2007 and 2010 are .NET applications and therefore impacted by this issue. Please carefully read all of the information on Scott’s blog and take the appropriate actions.
Any company that has a .NET application or SharePoint farm accessible from the Internet should immediately apply the workaround.