Category: Windows

Microsoft Security Bulletin MS10-070 – Important

An important update has been released from Microsoft. It addresses an issue with ASP.NET. You should install the update ASAP.

This security update resolves a publicly disclosed vulnerability in ASP.NET. The vulnerability could allow information disclosure. An attacker who successfully exploited this vulnerability could read data, such as the view state, which was encrypted by the server. This vulnerability can also be used for data tampering, which, if successfully exploited, could be used to decrypt and tamper with the data encrypted by the server. Microsoft .NET Framework versions prior to Microsoft .NET Framework 3.5 Service Pack 1 are not affected by the file content disclosure portion of this vulnerability.

http://www.microsoft.com/technet/security/bulletin/ms10-070.mspx

Server Core Roles and Features in 2008 R2

Maybe you’ve already set up a core server. Or you are thinking about it.

Anyway. An overview of the available features for each version of Windows Server 2008 R2 can be found here: http://blogs.dirteam.com/blogs/sanderberkouwer/archive/2010/02/03/server-core-roles-and-features-in-2008-r2.aspx

The table below shows the individual roles and features in fresh Server Core installations of Windows Server 2008 R2, Web (column 1), Standard (column 2), Enterprise (column 3) and Datacenter (column 4) edition. It also lists the Server Roles features in a fresh installation of the special-purpose Hyper-V server 2008 R2. (column 5):

Server Roles and Features

W

S

E

D

H

Active Directory Certificate Services

 

 

 

 

 

     Certificate Authority

 

 

 

 

 

 

 

Many roles can be configured on a core server. Think about it before you install a new full blown server with GUI if you plan to virtualize it.

Office 2007 + SharePoint Document Library = Prompt for Credentials

Problem:

Even if you configure your SharePoint site as Intranet in the Internet Explorer, you will be prompted for user credentials when you open an Office document with Office 2007.

This is true, if you haven’t configured a proxy in your browser, access your SharePoint site with a FQDN (fully qualified domain name) and you are using Windows Vista or Windows 7.

Cause:

(Quote from the KB aticle below) In Windows Vista, Internet Explorer uses the Web Client service when you use Internet Explorer to access a WebDAV resource. The Web Client Service uses Windows HTTP Services (WinHTTP) to perform the network I/O to the remote host. WinHTTP sends user credentials only in response to requests that occur on a local intranet site. However, WinHTTP does not check the security zone settings in Internet Explorer to determine whether a Web site is in a zone that lets credentials be sent automatically…

If the URL contains periods, the server is assumed to be on the Internet <—this is the important point 🙂

Solution:

Install Vista SP1 if you haven’t already. Otherwise you’ll need to install the hotfix from the KB article!

See this KB article: You are prompted to enter your credentials when you access an FQDN site by using a Windows Vista-based client computer that has no proxy configured

The article shows how to add an entry to the client registry, which will tell the WebClient Service to send credentials with the request.

Note: You have to restart the WebClient service after you modify the registry.