When you surf the Internet and peruse a Web page with interactive content, chances are that the page was developed using Microsoft Corp.’s Active Server Pages (ASP) technology or Sun Microsystems Inc.

Microsoft Corp. is investigating a reported vulnerability in ASP.Net that could allow an attacker to bypass security features on a Web server and view sensitive content, the company said yesterday.

A Web server exclusively handles HTTP requests, whereas an application server serves business logic to application programs through any number of protocols. Let’s examine each in more detail. A Web ...