Summary: Microsoft has warned about website developers using publicly disclosed ASP.NET machine keys copied from code documentation, a practice that can expose their applications to remote code execution. The company observed attackers exploiting these known keys to deploy the Godzilla cyberattack framework. Microsoft emphasizes the need for organizations to avoid copying keys from public sources and to regularly rotate their keys to mitigate risks.
Affected: Organizations utilizing ASP.NET applications
Key points:
- Publicly disclosed ASP.NET machine keys can be used by threat actors to manipulate ViewState and compromise corporate environments.
- Microsoft has identified at least 3,000 exposed keys, a number that significantly lowers the barrier for exploitation.
- The tech giant recommends that organizations refrain from using publicly available keys and implement regular key rotation as a preventive measure.
Source: https://www.darkreading.com/remote-workforce/microsoft-public-asp-net-keys-web-server-rce
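
To act on the recommendation above, a defender can audit `web.config` files for hard-coded `<machineKey>` values and compare them against hashes of keys known to be public. The following is an added example, not code from Microsoft or the source article; the key, the hash set and the sample configs are constructed for the demonstration, and `KNOWN_PUBLIC_HASHES` stands in for a list you maintain yourself.

```python
import hashlib
import xml.etree.ElementTree as ET

KEY_ATTRS = ("validationKey", "decryptionKey")

def key_hash(value):
    """SHA-256 of the key material, ignoring case and modifiers such as ',IsolateApps'."""
    return hashlib.sha256(value.split(",")[0].strip().upper().encode()).hexdigest()

# Constructed stand-in for a key published in documentation (not a real disclosed key).
DEMO_PUBLIC_KEY = "0123456789ABCDEF" * 4
# Assumption: a locally maintained set of hashes of keys known to be public.
KNOWN_PUBLIC_HASHES = {key_hash(DEMO_PUBLIC_KEY)}

def audit_web_config(xml_text, known_hashes=KNOWN_PUBLIC_HASHES):
    """Return (severity, attribute, message) for every static key in <machineKey>."""
    findings = []
    for mk in ET.fromstring(xml_text).iter("machineKey"):
        for attr in KEY_ATTRS:
            value = mk.get(attr)
            # Absent or AutoGenerate means the runtime generates the key itself.
            if value is None or value.split(",")[0].strip().lower() == "autogenerate":
                continue
            if key_hash(value) in known_hashes:
                findings.append(("critical", attr, "matches a publicly disclosed key; rotate now"))
            else:
                findings.append(("review", attr, "static key in config; confirm origin and rotation"))
    return findings

# Constructed sample configs.
SAMPLE_COPIED = """<configuration><system.web>
  <machineKey validationKey="0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef,IsolateApps"
              decryptionKey="A1B2C3D4E5F60718293A4B5C6D7E8F90A1B2C3D4E5F60718"
              validation="HMACSHA256" decryption="AES" />
</system.web></configuration>"""

SAMPLE_AUTO = """<configuration><system.web>
  <machineKey validationKey="AutoGenerate,IsolateApps" decryptionKey="AutoGenerate,IsolateApps" />
</system.web></configuration>"""

if __name__ == "__main__":
    for name, cfg in (("copied", SAMPLE_COPIED), ("auto", SAMPLE_AUTO)):
        for finding in audit_web_config(cfg):
            print(name, *finding)
```

Static keys that do not match the hash set are still reported for review, since a key copied from a source not yet in the list looks identical in the config.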