ASP.NET path validation vulnerability in Microsoft .NET Framework 1.0 Service Pack 2 (886905)

The information in this article applies to:

Microsoft .NET Framework 1.0 SP2, when used with:
- Microsoft Windows Server 2003, Datacenter Edition
- Microsoft Windows Server 2003, Enterprise Edition
- Microsoft Windows Server 2003, Standard Edition
- Microsoft Windows Server 2003, Web Edition
- Microsoft Windows 2000 Advanced Server SP3
- Microsoft Windows 2000 Advanced Server SP4
- Microsoft Windows 2000 Professional SP3
- Microsoft Windows 2000 Professional SP4
- Microsoft Windows 2000 Server SP3
- Microsoft Windows 2000 Server SP4
- Microsoft Windows XP Home Edition
- Microsoft Windows XP Home Edition SP1
- Microsoft Windows XP Home Edition SP1a
- Microsoft Windows XP Professional
- Microsoft Windows XP Professional SP1
- Microsoft Windows XP Professional SP1a

Microsoft has released security bulletin MS05-004. The security bulletin contains all the relevant information about the security update, including file manifest information and deployment options. To view the complete security bulletin, visit the following Microsoft Web site:

Home users:
http://www.microsoft.com/athome/security/update/bulletins/default.mspx
IT professionals:
http://www.microsoft.com/technet/security/bulletin/ms05-004.mspx

Modification Type:	Minor	Last Reviewed:	9/9/2005
Keywords:	kbQFE kbfix kbBug KbSECVulnerability kbSecurity KB886905 kbAudDeveloper