Microsoft

Once again a Hole in a IIS server. ASP.NET for sure.

And once again it is just using modification of the URL to get access to password protected Files. It is amazing to me that Microsoft would have this appear again since they now have the TRUSTWORTHY computing.

I really cannot trust their computers for anything that is really confidential.

If you have to hide something best thing is keep it in you head don't write it down.

And if you have to put it in a computer never place it on a websever.