mcafee scan comes with Encrypted SSL cookie error

I have this as a vulnerability issue in McAfee scan for my website (ASP.NET with VB.Net, IIS7, SQL Server 2008)-

Missing Secure Attribute in an Encrypted Session (SSL) Cookie.

What do i have to do to get rid of this vulnerability? please advice

its a level 1 alert, you would have to use a check in your application to determine if the request is https, and then set secure=true in the cookie.

Alternatively, you could assess if allowing this is inline with your company's policy and accept it in mcafee's panel.