Please, check your web.config files.... Just in case... http://weblogs.asp.net/scottgu/archive/2010/09/18/important-asp-net-security-vulnerability.aspx
I will still need some time to fully diagnose the full impact on this but everything this article says you do to work around the problem is accessible to all customers. Each customer can set their own custom error handling within their own web.config file.
Yes. I posted it as an advice for all Winhost customers... and for all Winhost team ;-). I just modified the customError section of all my web.config files even when I had the customErrors correctly configured but I had to homogenizes all errors... It's pretty scary when a bug like this is found...
Thanks. Everyone should check their configuration for this vulnerability, even if you think it doesn't affect you.