<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 14 (filtered medium)"><!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:Tahoma;
        panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:11.0pt;
        font-family:"Calibri","sans-serif";
        mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
        {mso-style-priority:99;
        mso-style-link:"Balloon Text Char";
        margin:0cm;
        margin-bottom:.0001pt;
        font-size:8.0pt;
        font-family:"Tahoma","sans-serif";
        mso-fareast-language:EN-US;}
span.EmailStyle17
        {mso-style-type:personal-compose;
        font-family:"Calibri","sans-serif";
        color:windowtext;}
span.BalloonTextChar
        {mso-style-name:"Balloon Text Char";
        mso-style-priority:99;
        mso-style-link:"Balloon Text";
        font-family:"Tahoma","sans-serif";}
.MsoChpDefault
        {mso-style-type:export-only;
        font-family:"Calibri","sans-serif";
        mso-fareast-language:EN-US;}
@page WordSection1
        {size:612.0pt 792.0pt;
        margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
        {page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-AU link=blue vlink=purple><div class=WordSection1><p class=MsoNormal>This is interesting, it brings back the old school “brute force” attack where they feed the asp.net application different strings, note the errors and in time, decipher the encryption key and therefore decipher the entire cipher text.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>The only work around atm is if you are using asp.net, turn on custom errors point all your error pages at the same page something like “uh oh something went wrong”, that way they cannot get anything back from the error messages.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Mircosoft is to release a patch but no timeline given, it will be interesting to see if they do this one out-of-cycle or not.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><a href="http://www.computerworld.com.au/article/361513/microsoft_sounds_alert_massive_web_bug/?fp=39&fpid=25592&rid=1">http://www.computerworld.com.au/article/361513/microsoft_sounds_alert_massive_web_bug/?fp=39&fpid=25592&rid=1</a><o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0 width="100%" style='width:100.0%'><tr><td width=200 style='width:150.0pt;padding:0cm 0cm 0cm 0cm'><table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0 width=200 style='width:150.0pt;margin-left:1.5pt'><tr><td style='padding:0cm 0cm 0cm 0cm'><p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:#005395;mso-fareast-language:EN-AU'>James Troy<o:p></o:p></span></b></p></td></tr><tr><td style='padding:0cm 0cm 3.75pt 0cm'><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Arial","sans-serif";color:#00AFE9;mso-fareast-language:EN-AU'>System / Network administrator<o:p></o:p></span></p></td></tr><tr><td style='padding:3.75pt 0cm 0cm 0cm'><p class=MsoNormal><b><span style='font-size:8.0pt;font-family:"Arial","sans-serif";color:#00AFE9;mso-fareast-language:EN-AU'>P:</span></b><span style='font-size:8.0pt;font-family:"Arial","sans-serif";color:#005395;mso-fareast-language:EN-AU'> +613 8677 3735<o:p></o:p></span></p></td></tr><tr><td style='padding:0cm 0cm 0cm 0cm'><p class=MsoNormal><b><span style='font-size:8.0pt;font-family:"Arial","sans-serif";color:#00AFE9;mso-fareast-language:EN-AU'>F:</span></b><span style='font-size:8.0pt;font-family:"Arial","sans-serif";color:#005395;mso-fareast-language:EN-AU'> +613 9923 6112<o:p></o:p></span></p></td></tr><tr><td style='padding:0cm 0cm 0cm 0cm'><p class=MsoNormal><b><span style='font-size:8.0pt;font-family:"Arial","sans-serif";color:#00AFE9;mso-fareast-language:EN-AU'>W:</span></b><span style='font-size:8.0pt;font-family:"Arial","sans-serif";color:#005395;mso-fareast-language:EN-AU'> <a href="http://www.pageuppeople.com"><span style='color:#005395'>www.pageuppeople.com</span></a><o:p></o:p></span></p></td></tr><tr><td style='padding:3.75pt 0cm 0cm 0cm'><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Arial","sans-serif";color:#005395;mso-fareast-language:EN-AU'>Level 10, 91 William Street<o:p></o:p></span></p></td></tr><tr><td style='padding:0cm 0cm 0cm 0cm'><p class=MsoNormal><span style='font-size:8.0pt;font-family:"Arial","sans-serif";color:#005395;mso-fareast-language:EN-AU'>Melbourne VIC 3000 Australia<o:p></o:p></span></p></td></tr><tr><td style='padding:3.75pt 0cm 3.75pt 0cm'><p class=MsoNormal><b><span style='font-family:"Arial","sans-serif";color:#D2242B;mso-fareast-language:EN-AU'>Retain</span></b><span style='font-family:"Arial","sans-serif";color:#005395;mso-fareast-language:EN-AU'>  </span><b><span style='font-family:"Arial","sans-serif";color:#00AFE9;mso-fareast-language:EN-AU'>Recruit</span></b><span style='font-family:"Arial","sans-serif";color:#005395;mso-fareast-language:EN-AU'>  </span><b><span style='font-family:"Arial","sans-serif";color:#41AB49;mso-fareast-language:EN-AU'>Perform</span></b><span style='font-family:"Arial","sans-serif";color:#005395;mso-fareast-language:EN-AU'>  </span><b><span style='font-family:"Arial","sans-serif";color:#F59120;mso-fareast-language:EN-AU'>Develop</span></b><span style='font-family:"Arial","sans-serif";color:#005395;mso-fareast-language:EN-AU'><o:p></o:p></span></p></td></tr></table></td><td valign=bottom style='padding:0cm 0cm 0cm 0cm'><p class=MsoNormal align=right style='text-align:right'><span style='font-size:12.0pt;font-family:"Times New Roman","serif";mso-fareast-language:EN-AU'><img border=0 width=133 height=50 id="_x0000_i1026" src="cid:image001.gif@01CB5981.573F2380" alt="Description: PageUp People"></span><span style='font-size:12.0pt;font-family:"Times New Roman","serif";mso-fareast-language:EN-AU'><o:p></o:p></span></p></td></tr><tr><td colspan=2 style='padding:0cm 0cm 0cm 0cm'><table class=MsoNormalTable border=0 cellpadding=0 width="100%" style='width:100.0%'><tr><td width="3%" style='width:3.0%;background:#D90000;padding:0cm 0cm 0cm 0cm'><p class=MsoNormal><span style='font-size:4.0pt;font-family:"Times New Roman","serif";mso-fareast-language:EN-AU'> <o:p></o:p></span></p></td><td width="3%" style='width:3.0%;background:#491486;padding:0cm 0cm 0cm 0cm'><p class=MsoNormal><span style='font-size:4.0pt;font-family:"Times New Roman","serif";mso-fareast-language:EN-AU'> <o:p></o:p></span></p></td><td width="2%" style='width:2.0%;background:#D90000;padding:0cm 0cm 0cm 0cm'><p class=MsoNormal><span style='font-size:4.0pt;font-family:"Times New Roman","serif";mso-fareast-language:EN-AU'> <o:p></o:p></span></p></td><td width="3%" style='width:3.0%;background:#1191D0;padding:0cm 0cm 0cm 0cm'><p class=MsoNormal><span style='font-size:3.0pt;font-family:"Times New Roman","serif";mso-fareast-language:EN-AU'> <o:p></o:p></span></p></td><td width="8%" style='width:8.0%;background:#409D27;padding:0cm 0cm 0cm 0cm'><p class=MsoNormal><span style='font-size:4.0pt;font-family:"Times New Roman","serif";mso-fareast-language:EN-AU'> <o:p></o:p></span></p></td><td width="32%" style='width:32.0%;background:#FF8000;padding:0cm 0cm 0cm 0cm'><p class=MsoNormal><span style='font-size:4.0pt;font-family:"Times New Roman","serif";mso-fareast-language:EN-AU'> <o:p></o:p></span></p></td><td width="17%" style='width:17.0%;background:#409D27;padding:0cm 0cm 0cm 0cm'><p class=MsoNormal><span style='font-size:4.0pt;font-family:"Times New Roman","serif";mso-fareast-language:EN-AU'> <o:p></o:p></span></p></td><td width="4%" style='width:4.0%;background:#D90000;padding:0cm 0cm 0cm 0cm'><p class=MsoNormal><span style='font-size:4.0pt;font-family:"Times New Roman","serif";mso-fareast-language:EN-AU'> <o:p></o:p></span></p></td><td width="9%" valign=top style='width:9.0%;background:#0072BB;padding:0cm 0cm 0cm 0cm'><p class=MsoNormal align=center style='text-align:center'><span style='font-size:4.0pt;font-family:"Times New Roman","serif";mso-fareast-language:EN-AU'><img border=0 width=131 height=18 id="_x0000_i1025" src="cid:image002.gif@01CB5981.573F2380" alt="Description: people on the same page"></span><span style='font-size:4.0pt;font-family:"Times New Roman","serif";mso-fareast-language:EN-AU'><o:p></o:p></span></p></td></tr></table></td></tr></table><p class=MsoNormal><o:p> </o:p></p></div><!--[object_id=#pageuppeople.com#]--><SPAN style="FONT-FAMILY: Arial; COLOR: #005495; FONT-SIZE: 10pt"><SPAN style="FONT-FAMILY: 'Arial','sans-serif'; COLOR: #00afe9; FONT-SIZE: 9pt"><SPAN lang=EN-AU>
<P><FONT size=2>Wondering why you are 'brain dead' at the end of the day? Check out the new PageUp People blog to find out. <A href="http://blog.pageuppeople.com/">http://blog.pageuppeople.com/</A></P></FONT></SPAN></SPAN></SPAN></body></html>