Microsoft Windows ASP.NET Denial of Service Vulnerability(970957)

Summary
This host is missing a critical security update according to Microsoft Bulletin MS09-036.
Impact
Successful exploitation will allow remote attackers to cause the application pool on the affected web server to become unresponsive, denying service to legitimate users. Impact Level: System/Application
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/MS09-036
Insight
The flaws is caused by caused by an error in ASP.NET when managing request scheduling, which could allow attackers to create specially crafted anonymous HTTP requests and cause the web server with ASP.NET in integrated mode to become non-responsive.
Affected
Microsoft .NET Framework 3.5/SP 1 Microsoft .NET Framework 2.0 SP 1/SP 2
References