yes it is to do with ASP/ASP.NET
if you read the blog entry and look at the link to google search results, you will see it IS targetting ASP/ASP.NET websites. Whether the attack would work against PHP sites is not the point, the google results clearly show .aspx pages being returned, so yes they are affecting ASP.NET sites. OK they may be poorly codes, and they may not be:
As a PHP developer and an ASP.NET developer, I can say it is not always the case that developers are at fault, sometimes the framework code in .NET does not do what it should, as in the past I have had to code my own routines. Not saying that's whats going on here.