MS12-083: Addressing a missing certificate revocation check in IP-HTTPS

MS12-083 is being released to address a Security Feature Bypass, a class of vulnerability for which we do not frequently release security updates. This is the third such instance, with MS12-001 and MS12-032 previously having addressed Security Feature bypasses. The security feature being bypassed in the case of MS12-083 is the revocation check in IP-HTTPS….

0

Answers to the IIS WebDAV authentication bypass questions

We have heard several questions from customers about the WebDAV authentication bypass issue on IIS. We wanted to post common questions and answers here to help anyone else who might have the same question. Question: Is Sharepoint vulnerable to the authentication bypass? Answer: No, Sharepoint is not vulnerable to this vulnerability. The Sharepoint team does…

0

More information about the IIS authentication bypass

Security Advisory 971492 provides official guidance about the new IIS authentication bypass vulnerability.  We’d like to go into more detail in this blog to help you understand: Am I at risk? If so, what could happen? How can I protect myself? Which IIS configurations are at risk? Only a specific IIS configuration is at risk…

0