Monday, February 20, 2012
PowerShell
Friday, February 17, 2012
SharePoint security vulnerability and patch
Microsoft has announced a SharePoint security vulnerability and patch in a security bulletin: http://technet.microsoft.com/en-us/security/bulletin/ms11-074. The issue is XSS-related: a malicious URL can cause SharePoint commands to execute unintentionally, which is bad news overall. Of course, most modern browsers have XSS protection built in, but most also disable it when in "Intranet" mode (which is how most SharePoint deployments tend to be deployed).
This security issue affects Office 2007 and 2010 clients, as well as SharePoint 2007 and 2010 servers. Installing this update for Office clients is pretty straightforward, but like all SharePoint-related updates, this one has some issues.
If you are running SharePoint 2010 or 2007, install these updates as soon as you can. If you don't install them, WSUS may install them for you and wind up breaking your farm. BUT, make sure you thoroughly test them before you do anything on production.
If you're running SharePoint 2010 I recommend doing the following:
1. If you aren't already on SharePoint 2010 Service Pack 1 + the June Cumulative Updates, go ahead and do so now. Many of the SP1 issues that were reported regarding Claims authentication are resolved in the June 2011 update.
2. Ensure your environment is still functioning post-Service Pack and CU. Resolve any issues that may arise (such as restarting the User Profile Service, and ignoring the false farm health check error Microsoft discovered).
3. Install all of the SharePoint 2010 security updates:
   SharePoint Foundation 2010 "base" update – KB 2494001
   KB 2494022
   KB 2560885
   KB 2560890
   KB 2566456
   KB 2566954
   KB 2566958
   KB 2566960
   If you're running Office Web Apps – KB 2566449
4. Make sure that you've run the configuration wizard on all servers in your farm.
Like all SharePoint updates, TEST IT BEFORE YOU INSTALL IT IN PRODUCTION. If you only deploy partial versions of this update, there is a chance your publishing pages or User Profile service may throw errors until you get everything back in sync.
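One way to confirm the last step and catch a partially patched farm, as an added example that is not part of the original post: the script below lists servers and databases that still report a pending upgrade. It assumes it is run from the SharePoint 2010 Management Shell snap-in under a farm administrator account, and that the `NeedsUpgrade` property is how your farm reports a pending configuration wizard run.

```powershell
# Added example: post-patch consistency check for a SharePoint 2010 farm.
# Assumption: run in an elevated shell on a farm server as a farm administrator.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$farm = Get-SPFarm
Write-Host ("Farm configuration database build: {0}" -f $farm.BuildVersion)

# Servers whose binaries were updated but where the configuration wizard
# has not completed. Role 'Invalid' marks non-SharePoint hosts registered
# in the farm (for example the SQL server), so those are skipped.
$pendingServers = @(Get-SPServer |
    Where-Object { $_.Role -ne 'Invalid' -and $_.NeedsUpgrade })

# Databases whose schema is behind the installed binaries.
$pendingDatabases = @(Get-SPDatabase |
    Where-Object { $_.NeedsUpgrade })

foreach ($server in $pendingServers) {
    Write-Warning ("Configuration wizard still required on server: {0}" -f $server.Address)
}

foreach ($database in $pendingDatabases) {
    Write-Warning ("Database still needs upgrade: {0} ({1})" -f $database.Name, $database.TypeName)
}

if ($pendingServers.Count -eq 0 -and $pendingDatabases.Count -eq 0) {
    Write-Host "No server or database reports a pending upgrade."
} else {
    Write-Host ("Farm is out of sync: {0} server(s), {1} database(s) pending." -f `
        $pendingServers.Count, $pendingDatabases.Count)
}
```

Run it in the test environment after each patching round, and again in production before handing the farm back to users.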