Last week Microsoft release an alert on an security vulnerability associated with ASP.NET. A workaround was announce while waiting an official.
Today, Microsoft release the official security patch. Here is the link to access the security bulletin and the files: http://www.microsoft.com/technet/security/bulletin/ms10-070.mspx
For more information, you can also look at the blog of Scott Guthrie about the security issue http://weblogs.asp.net/scottgu/archive/2010/09/28/asp-net-security-update-now-available.aspx
So as per the recommendation of Microsoft, you should apply the patch to make sure you web application as soon as possible.
Regards,
LP
028d6c72-2055-43dc-b937-30799e66f630|0|.0|96d5b379-7e1d-4dac-a6ba-1e50db561b04