ASP.Net 2.0 System.Web.Dll Patch
Just came across this on TechNet: http://www.microsoft.com/technet/security/Bulletin/MS06-056.mspx
This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin.
The vulnerability could allow an attacker to gain unauthorized access to information. Note that this vulnerability would not allow an attacker to execute code to elevate their user rights directly, but it could be used to acquire information that could be used to further compromise the affected system.
We recommend that customers consider applying the security update.