A recent exploit discovered for Microsoft’s ASP.NET software has left all Windows users vulnerable to attack.

ASP.Net is a Web application framework by Microsoft that is used to create websites and applications. It has been estimated that 1/4 of all Internet websites use ASP.Net.

Microsoft has announced that it will patch all supported versions of Windows, from XP Service Pack 3 and Server 2003 to Windows 7 and Server 2008 R2, along with other software, including its IIS and SharePoint server software.

Hackers are said to be able to exploit ASP.Net’s encryption to decrypt session cookies or other encrypted data on a remote server, and access and grab files from a site or Web application that relies on the ASP.NET framework.

Microsoft has released a Visual Basic script that should detect applications that are at risk and has also created a dedicated support forum to handle any queries from website and application developers. A patch has been promised but it is still unknown as to when this may arrive.