Last post Oct 07, 2010 09:35 AM by tslinkard
Oct 07, 2010 03:59 AM|Jcomp|LINK
After installing MS10-070 I start getting "Unable to validate data" errors on my application, the problem is that I have several values encrypted using System.Web.Configuration.MachineKey.EncryptOrDecryptData method and stored in DB. Now it can't be decrypted.
I know that setting key aspnet:UseLegacyEncryption to true
is workaround in that case, but if system use legacy encryption mode does it have the same security vulnerability as before MS10-070 has been installed?
Thanks in advance.
Oct 07, 2010 09:35 AM|tslinkard|LINK
I am also curious to know this. We had the same issue and while this line did fix the error we were getting I'm a little concerned about "how" it is fixing the "Unable to validate data" message.