Microsoft's 'Full Trust ASP.NET in IIS 6.0 is Insecure by Design, by Default and in Deployment' Internal White Paper