Woody Windischman

Sep-222010

Critical ASP.NET Issue *Updated*

Defuse the Ticking Bomb in your SharePoint Sites

Update: An out-of-band patch for this issue has now been released. Please see the SharePoint Team Blog for details.

By now, you have probably heard about the ASP.NET security flaw that was discovered over the weekend. SharePoint has been an ASP.NET based application for the last several versions, so it stands to reason that it would be affected by any problems discovered in the core platform. However, there has been some conflicting information with regard to just how (and how much) this affects SharePoint - in particular whether all versions are affected, or just SharePoint 2010.

The latest word is that you need to apply workarounds if you are using either SharePoint 2010 or SharePoint 2007. This also applies to SharePoint Foundation 2010 and Windows SharePoint Services 3.0, as well as SharePoint Portal Server 2003 and Windows SharePoint Services 2.0. (Updated to include confirmation of the older product impact.)

While it is good practice to harden any SharePoint environment, it is particularly critical to apply updates and security measures to public-facing sites. If you have not already done so, please immediately go to the official SharePoint Team Blog site and read their update for information about how to configure SharePoint to mitigate this critical ASP.NET issue. The article regarding this issue is regularly updated, and directly linked below:

Security Advisory 2416728 (Vulnerability in ASP.NET) and SharePoint.

This issue affects virtually all ASP.NET Versions

Please remember, this is not "just" a SharePoint issue - it affects all ASP.NET applications, from all vendors. Even if you don't use SharePoint, you should check with your software supplier to determine what steps should be taken to mitigate any risks in your environments.


Published: Sep-22-10 | 2 Comments | 0 Links to this post
Tagged as: Administration, Best Practices, Governance, Patches, Search Server, SharePoint, SharePoint 2010, WSS

Sep-62010

Speaking at SPIN Business Sept 15th High Noon

wpe4SharePoint Indiana Business User's Group September 15th

Just a quick note to let folks know that I'll be speaking at the SharePoint Indiana Business User's Group (SPIN Business) on Wednesday, September 15th at 12 Noon. Note that this is a mid-day meeting, not evening. I'll be talking about SharePoint Designer and Governance. I look forward to seeing you there!


Published: Sep-06-10 | 0 Comments | 0 Links to this post
Tagged as: Conferences, Governance, SharePoint, SharePoint 2010, SharePoint Designer

Aug-162010

SharePoint Saturday Columbus Wrap-up

Another Successful SharePoint Saturday in the Books

I'm back and settled after SharePoint Saturday, Columbus. There was plenty of SharePoint knowledge to be had, with 6 tracks and over 20 speakers.

My session was "Who's Afraid of SharePoint Designer". There were only a few slides - which you can download here, if you like. Most of the session was taken up demonstrating some of the governance features of SharePoint Designer 2007 and 2010.

I would like to give a warm thank you to the organizers, sponsors, and (of course) the attendees for making the day as great as it was!


Published: Aug-16-10 | 0 Comments | 0 Links to this post
Tagged as: Best Practices, Conferences, Governance, SharePoint, SharePoint 2010, SharePoint Designer

Jul-272010

Speaking at SharePoint Saturday: Columbus, Ohio

Back to My Old Stomping Grounds...

When I was a "wet behind the ears" high school graduate, I ended up attending Ohio Institute of Technology (OIT) to study Electronics Engineering Technology. While I was there, OIT became DeVry Institute of Technology, Columbus. Today it is known as DeVry University, Columbus and offers a whole lot more than electronics. I ultimately ended up living and working in Columbus for many years, and it holds a special place in my heart.

Today, I'm pleased to announce that I've been selected to present at the SharePoint Saturday in Columbus, Ohio. This takes place on August 14th, 2010 at The Conference Center at OCLC. Click on the link or logo above for all the details, including registration, a list of the other presenters, as well as the Twitter feed of #SPSColumbus commentary.

A SharePoint Saturday is a free to attend event that serves as a mini SharePoint conference. SPS Columbus will be an educational, informative & lively day filled with sessions from respected SharePoint professionals & MVPs, covering a wide variety of SharePoint-oriented topics.  SharePoint Saturday is FREE, open to the public and is your local chance to immerse yourself in SharePoint!

So, if you're in Central Ohio, and interested in SharePoint - whether you need the latest information on SharePoint 2010 or are still trying to make the best use of SharePoint 2007, this is the place to be! I hope to see you there...


Published: Jul-27-10 | 0 Comments | 0 Links to this post
Tagged as: Best Practices, Conferences, SharePoint, SharePoint 2010, SharePoint Designer

 Next >>