_LASTFOCUS, a default parameter in ASP.NET 2.0, is vulnerable to reflexif cross site scripting (CSS).
One suggested solution was to apply the patch MS06-056/KB922770 on the server. (Downloadable from http://www.microsoft.com/technet/security/Bulletin/MS06-056.mspx
Unfortunately, the patch is not getting installed. The below link from microsoft suggested re-installing the framework:
I did, but no luck - the patch would not install!
Any solutions? My main problem is to get rid of CSS - please suggest.