After installing MS10-070 I start getting "Unable to validate data" errors on my application, the problem is that I have several values encrypted using System.Web.Configuration.MachineKey.EncryptOrDecryptData method and stored in DB. Now it can't be decrypted.
I know that setting key aspnet:UseLegacyEncryption to true
is workaround in that case, but if system use legacy encryption mode does it have the same security vulnerability as before MS10-070 has been installed?
I am also curious to know this. We had the same issue and while this line did fix the error we were getting I'm a little concerned about "how" it is fixing the "Unable to validate data" message.
Member
1 Points
12 Posts
Unable to validate data after patch and legacy encryption mode
Oct 07, 2010 03:59 AM|Jcomp|LINK
Hi,
After installing MS10-070 I start getting "Unable to validate data" errors on my application, the problem is that I have several values encrypted using System.Web.Configuration.MachineKey.EncryptOrDecryptData method and stored in DB. Now it can't be decrypted. I know that setting key aspnet:UseLegacyEncryption to true is workaround in that case, but if system use legacy encryption mode does it have the same security vulnerability as before MS10-070 has been installed?
Thanks in advance.
None
0 Points
2 Posts
Re: Unable to validate data after patch and legacy encryption mode
Oct 07, 2010 09:35 AM|tslinkard|LINK
I am also curious to know this. We had the same issue and while this line did fix the error we were getting I'm a little concerned about "how" it is fixing the "Unable to validate data" message.
Thanks