When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.

In the article, Microsoft explained threat actors were injectingmalicious codethrough a method called ViewState code injection attacks.

However, if developers can find these keys, so can criminals.

A person using a laptop on a table.

When they do, they can use them to inject harmful content into a websites ViewState.

This can lead to remote code execution, Microsoft warned.

The researchers found more than 3,000 publicly disclosed keys that can be used in these attacks.