The vulnerability affects the .NET framework running on all versions of Windows. The issue has been known since 2002, but two researchers created a new hacking tool that can take advantage of the flaw to crack the hashing algorithm and view data contained in website cookies.