I happen to have screen grabbed the response headers on our asp.net 4/IIS 7 website late December for a security audit. Today, I noticed they are different, a couple of new headers were added
X-Powered-By: ASP.NET
Pragma: no-cache
Cache-Control: no-cache
Expires: -1
I remember explicitly taking out the X Powered By header as requested by the security auditor. Now it's back, along with these others. And again, I can be sure of that because I used Chrome and a custom add-in to display headers, then screen grabbed that info.
So far, the only thing I can track it to is the security update from MS11-100. Can anyone confirm this?