Microsoft Identifies 3,000+ Publicly Disclosed ASP.NET Machine Keys Vulnerable to Code Injection
Briefly

Microsoft is alerting developers to the danger of using publicly disclosed ASP.NET machine keys, which can leave their applications vulnerable. In December 2024, the company's threat intelligence team observed an unknown threat actor exploiting such a key to inject malicious code and deliver the Godzilla framework. Over 3,000 keys have been found in public repositories, which significantly increases the risk for developers who may unknowingly use these keys in their software. Misused keys enable ViewState code injection attacks, prompting a call for greater awareness and secure coding practices.
Microsoft is warning of an insecure practice in which software developers incorporate publicly disclosed ASP.NET machine keys from publicly accessible resources, thereby putting their applications in the path of attackers.
The tech giant's threat intelligence team said it observed limited activity in December 2024 that involved an unknown threat actor using a publicly available, static ASP.NET machine key to inject malicious code and deliver the Godzilla post-exploitation framework.
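A defensive check for the practice described above, as an added example that is not from Microsoft or the original article: it scans a web.config for hard-coded `machineKey` values and flags any whose fingerprint appears in a set of known-disclosed keys. The sample configs, the key values and the fingerprint scheme (SHA-256 of the upper-cased key string) are assumptions constructed for illustration.

```python
import hashlib
import xml.etree.ElementTree as ET

# Constructed samples: key values are made up, not real disclosed keys.
SAMPLE_STATIC = """<configuration>
  <system.web>
    <machineKey validationKey="0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF"
                decryptionKey="FEDCBA9876543210FEDCBA9876543210"
                validation="HMACSHA256" decryption="AES" />
  </system.web>
</configuration>"""

SAMPLE_AUTO = """<configuration>
  <system.web>
    <machineKey validationKey="AutoGenerate,IsolateApps"
                decryptionKey="AutoGenerate,IsolateApps" />
  </system.web>
</configuration>"""


def key_fingerprint(key_value):
    """Assumed scheme: SHA-256 over the trimmed, upper-cased key string."""
    return hashlib.sha256(key_value.strip().upper().encode("utf-8")).hexdigest()


def audit_machine_keys(config_xml, disclosed_fingerprints=frozenset()):
    """Return one finding per hard-coded validationKey/decryptionKey.

    Run this on your own config files only: ElementTree does not guard
    against entity-expansion attacks in hostile XML.
    """
    findings = []
    for elem in ET.fromstring(config_xml).iter():
        # Compare the local name so a namespaced <configuration> still matches.
        if elem.tag.rsplit("}", 1)[-1] != "machineKey":
            continue
        for attr in ("validationKey", "decryptionKey"):
            value = elem.get(attr, "AutoGenerate")
            if value.lower().startswith("autogenerate"):
                continue  # key is generated per machine, not static
            fp = key_fingerprint(value)
            findings.append({
                "attribute": attr,
                "fingerprint": fp,
                "publicly_disclosed": fp in disclosed_fingerprints,
            })
    return findings


if __name__ == "__main__":
    known = {key_fingerprint("0123456789ABCDEF" * 4)}  # constructed list
    for finding in audit_machine_keys(SAMPLE_STATIC, known):
        print(finding)
```

Any finding means the key is static and should be reviewed; a finding with `publicly_disclosed` set means the key should be replaced with a freshly generated one.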
Read at The Hacker News