This post targets SharePoint vulnerability because of ASP.NET security threat. User can find probable threat and solution for the same.
As on 17th Sep Microsoft found security vulnerability in ASP.NET framework (with all versions of frameworks), there are some security threat for latest version of SharePoint server 2010 and SharePoint Foundation 2010 as well.
Good thing is SharePoint server 2007, Windows SharePoint Services 3.0 and SharePoint portal server 2003 are quite secure for this vulnerability.
Major SharePoint Products affected by this vulnerability.
1. SharePoint server 2010
2. SharePoint Foundation 2010
3. SharePoint services 2.0
As SharePoint 2010 has introduced a new architecture for processing a request and redirecting users differently for error pages/unavailable pages, this threat is applicable to latest version.
Microsoft SharePoint team recommends that all affected SharePoint customers apply the workaround as soon as possible.
Solution
Along with solution provided in
my previous post you need to take some more steps in order to secure SharePoint front end servers from this vulnerability.
Hope this will help many SharePoint administrators to secure their public WFEs. will keep all updated once hotfix for this vulnerability is out.
Regards,
Vikas Patel.