Microsoft has recently released a Security Advisory about a security vulnerability in ASP.NET. This vulnerability exists in all versions of ASP.NET. The PHP applications running on IIS are also subject to this vulnerability if ASP.NET is enabled in IIS
Read More...
Read the complete post at http://blogs.iis.net/ruslany/archive/2010/09/22/asp-net-vulnerability-affecting-php-sites-on-iis.aspx