Microsoft ASP.NET Insecure Site Configuration Vulnerability (2905247)

Summary
This host is missing an important security update according to Microsoft advisory (2905247).
Impact
Successful exploitation will allow remote attackers to use specially crafted HTTP content to inject code to be run in the context of the service account on the ASP.NET server. Impact Level: System/Application
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, https://technet.microsoft.com/en-us/security/advisory/2905247
Insight
Flaw is due to the view state that exists when Machine Authentication Code (MAC) validation is disabled through configuration settings.
Affected
Microsoft .NET Framework versions 1.1, 2.0, 3.5, 3.5.1, 4.0, 4.5 and 4.5.1
Detection
Get the vulnerable file version and check appropriate patch is applied or not.
References