Nueva actualización KB974571. MS09-056: Vulnerabilities in CryptoAPI could allow spoofing”

  • Article

Este fin de semana se ha actualizado el Articulo KB974571 en la que se incluye una descarga de un fichero para solucionar los problemas que tenemos si actualizamos nuestros servidores de OCS / LCS con el update MS09-056: Vulnerabilities in CryptoAPI could allow spoofing” , como bien nos habéis comentado.

https://support.microsoft.com/default.aspx?scid=kb;EN-US;974571

Resolution for the known issue

A fix that resolves this issue is available for download from the Microsoft Download Center. To obtain the fix, visit the following Microsoft Web page:

https://go.microsoft.com/fwlink/?LinkId=168248 (https://go.microsoft.com/fwlink/?LinkId=168248)

The fix (OCSASNFix.exe) is governed by the Microsoft Software License Agreement for Office Communications Server 2007 R2, Office Communications Server 2007, Live Communications Server 2005, Office Communicator 2007 R2, Office Communicator 2007, and Office Communicator 2005.

This fix works for both clients and servers, and it is applicable to the following roles for all versions of Office Communications Server and Live Communications Server 2005 SP1 and for evaluation versions of Office Communicator:

  • Standard Edition Server
  • Director server role
  • Enterprise Edition Consolidated
  • Enterprise Edition Distributed – Front End
  • Edge Server
  • Proxy server role
  • Office Communicator 2007 Evaluation version only
  • Office Communicator 2007 R2 Evaluation version only
  • Office Communicator 2005 Evaluation version only

To run the fix, type the following command at a command prompt, and then press ENTER:

ocsasnfix.exe

When you run the command on a computer that is running Office Communication Server 2007, Office Communication Server 2007 R2, or Live Communications server 2005 Service Pack 1, you receive a message that resembles the following:

Checking OCS/LCS Server installation...Fixing registry data
Checking Office Communicator 2007 Eval installation...not installed.
Checking Office Communicator 2005 Eval installation...not installed.

When you run the command on a computer that is running an evaluation version of Office Communication Server 2007, Office Communication Server 2007 R2, or Live Communications server 2005, you receive a message that resembles the following:

Checking OCS/LCS Server installation...not installed.
Checking Office Communicator 2007 Eval installation...Fixing registry data
Checking Office Communicator 2005 Eval installation...not installed.

This fix can be applied either before or after you install security update 974571. If you apply the fix after you install security update 974571, we recommend that you apply the fix before you restart the computer. If you already restarted the computer after you installed security update 974571, this fix can still be applied. However, the Office Communication Services must be started manually.

If all services start without any issues, this indicates that this fix has been applied and is working correctly.

This fix sets the OCSASNFIX DWORD value to 1 for the following registry subkey on the OCS 2007/R2 and LCS 2005-SP1 Server:

HKEY_LOCAL_MACHINESystemCurrentControlSetServicesRtcSrvInstallInfoOCSASNFIX

Muchas gracias.

Javi.