Esta es la nota publicada en blog de producto de Sharepoint donde se dan las instrucciones paso a paso para aplicar el correctivo:
“(…) We originally stated that SharePoint Server 2007 and Windows SharePoint Services 3.0 did not require the workaround to be applied, however, we have recently discovered through testing that a variant of the issue does affect SharePoint Server 2007 and Windows SharePoint Services 3.0 and also requires extra steps in the workaround for SharePoint Server 2010 (Steps 5-9). Customers with these versions should refer to the relevant workaround below. We will continue to keep this post updated with the latest guidance.
We recently released a Microsoft Security Advisory for a vulnerability affecting ASP.NET. This post documents recommended workarounds for the following SharePoint products:
· SharePoint 2010
· SharePoint Foundation 2010
· Microsoft Office SharePoint Server 2007
· Windows SharePoint Services 3.0
· Windows SharePoint Services 2.0
A workaround is not necessary for SharePoint Portal Server 2003.
The workarounds for the affected versions of SharePoint and Windows SharePoint Services listed above are temporary measures that do not fix the underlying issue but help to block known attack vectors until an ASP.NET security update is released. We will provide instructions on how to revert the workarounds when the security update is released.
We recommend that all affected SharePoint customers apply the workaround as soon as possible. You should apply the workaround to every web front-end in your SharePoint farm."
El día de ayer fue publicado en Microsoft un boletín informando del fix para resolver el problema
Más información en:
Microsoft Sharepoint Team Blog
Blog de Scott Guthrie (Vice-Presidente Microsoft Developer Division)
No hay comentarios:
Publicar un comentario