Yes. Simply include an @ Page directive with an EnableViewStateMac=”true” attribute in each ASPX file you wish to protect, or include the following statement in Web.config: his configuration directive appends a hash (officially called the message authentication code, or MAC) to view state values round-tripped to the client and enables ASP.NET to detect altered view state. If ASP.NET determines that view state has been altered when a page posts back to the server, it throws an exception.
The hash is generated by appending a secret key (the validationKey value attached to the element in Machine.config) to the view state and hashing the result. An attacker can’t modify view state and fix up the hash without knowing the secret key, too.