the Mighty Blog
The official website for Will Strohl
Will "the Mighty" Strohl

DotNetNuke Security Update About Oracle Padding Attack

On September 18, 2010 in DotNetNuke by Will Strohl

Please take 10 minutes today to read a blog post by Cathal Connolly, the DotNetNuke Security Team lead.  He gives DotNetNuke specific advice and the exact steps you need to take to protect your DNN websites (and any other public ASP.Net site), while we wait for Microsoft to release an official update for you to apply to your servers. 

ASP.NET Security Vulnerability workaround for DotNetNuke sites

Please note in Cathal’s blog that you will likely see separate updates for the DotNetNuke framework to further guard you against attacks such as these in the near future.

It’s also worth stating again, that this is not a security vulnerability in DotNetNuke.  All ASP.Net websites are at risk of being attacked.  It doesn’t matter if you’re using DNN, SharePoint, MVC, or a custom application.  PROTECT yourself. 

Unfortunately, since this is such a hot-topic-issue I would suggest shrugging off your weekend to protect all of your public ASP.Net websites NOW.



blog comments powered by Disqus

3210 Views
Tagged With:

Affiliate Disclosure: Some of the links on this site may be affiliate links. This means, at no additional cost to you, I may earn a commission if you click through and make a purchase. All editorial content is not influenced by partnerships. I only recommend products and services I genuinely believe in.

© Copyright 2004-2025 by Will Strohl | Site design by Ralph Williams | Hosting Provided by Applied Innovations | DNN Development & Consulting | | Login