Information regarding a critical security vulnerability in ASP.NET has just been released by Microsoft and importantly is also indicated to effect the various SharePoint 2010 editions. The vulnerability involves the being able to request and download files via the web.config file.
Microsoft recommend that all affected SharePoint customers apply the workaround as soon as possible. You should apply the workaround to every web front-end in your SharePoint farm.
The full details of the vulernability and the workaround can be found on the Microsoft SharePoint Team Blog