A security vulnerability in ASP.NET that exists in all versions of ASP.NET has been reported recently. You can find the workaround by following the detailed instructions that ScottGu provided in his post here.