Microsoft is aware of a recent escalation in a class of attacks targeting Web sites that use Microsoft ASP and ASP.NET technologies but do not follow best practices for secure Web application developm...
source:
www.net-security.org. NOTE: this was recently published at www.net-security.org