Critical Security Fix for BlogEngine.net

Today, while sitting in a discussion about the new Microsoft MVC Framework at the Microsoft MVP summit, I got an email (reading on my phone) from Kevin Karasinski, a developer at Sandcastle Interactive.

The subject line of the email was my blog password !

Kevin sure knows how to get a guys attention :)

Kevin, good guy that he is, was taking the time to let me know about a newly discovered (and already fixed) security defect in BlogEngine.net, which is the blogging engine that I use here at JoeOn.net. 

Thanks Kevin, you gave me a freakin' heart attack !!!!

Needless to say, my blog has been patched to remove the defect.

Kevin pointed me to Danny Douglass' blog entry HERE.

And [ HERE ] is the official BlogEngine.net patch announcement.

Kudos to Danny, and the BlogeEngine.net guys for fixing this so quickly.

And thanks to Kevin for taking the time to let me know, though maybe next time you can just call my cell phone :)