Microsoft issued an ASP.NET Security Advisory the other day and the workaround requires that your verify and possibly modify your Web.Config and implement a custom error page if necessary to avoid displaying different error pages based upon the type of error, etc.
Of course, ASP.NET is used in a lot of e-commerce websites, content management systems, etc. so if ASP.NET sounds foreign to you it doesn't mean you are safe from the exploit. A perfect example is DotNetNuke ( DNN ), which runs on ASP.NET and is vulnerable to the security threat.
In fact, if you have a DotNetNuke Website, you can visit the DotNetNuke Corporate Website where they help you understand this ASP.NET Security Vulnerability from a DNN perspective. Learn more here.
David Hayden