-
Security Alerts - March 2008 (Special)
-
Today, Microsoft released a major revision for a vulneribility reported last year on .Net Framework. If you running framework version 1.0, 1.1 and 2.0. Please apply the fix asap.
Take note that even you are running 3.0, it is essentially using .Net Framework 2.0 runtime with extra bonus feature like WPF, WCF, etc. Hence, review the bulletin and take appropriate action.
-
IIS 7.0 Administration Pack!
-
Wow, what can I say? The IIS product team is really spending lot of effort you give you the best experience for IIS 7.0. Today, they released technical preview one for the brand new administration pack! you can take this as UI addon to various configuration in IIS 7.0 with some added features for you to get more out of IIS 7.0
Here's what you going to get if you installed it.
ASP.NET -
ASP.NET features - Authorization + Error pages for your .net authorization and custom error pages
IIS -
Request Filtering - the enchanced URLSCAN in IIS 7.0, this is the UI for you to configure it.
FastCGI - the UI for iisfcgi.dll configuration. this feature is at server level not site.
IIS Reports - fancy graphical chart for your site activities reports. you will need log parser installed for this to work.
Managment -
Configuration Editor - power full config file editor, much better than metabase explorer, allow you to search to entir hierarchy config tree, config locking etc.
IIS Database Manager - one stop UI for you to manage all db connection in IIS 7.0, explorer type of navigation, let you manage db objects, etc.
Read the official Admin Pack walkthrough/doc
and of coz. download it here...... x86, x64.
-
IIS KBs - February 2008
-
949348 How to specify a custom location for the isolated configuration file in Internet Information Services 7.0
949349 Error message when you use Server Manager in IIS 7.0 to open a feature configuration page: "Cannot add duplicate collection entry"
949353 The Managed Pipeline Mode setting is not available after you configure an application pool to use the .NET Framework 1.1 in IIS 7.0
949350 You receive an HTTP 500 error message or a blank page appears when you request an ASP.NET resource or WCF resource that is hosted on a server that is running IIS 7.0
949351 You may receive an error message when you use an ASP.NET feature configuration page in IIS 7.0
949076 Opera browsers may crash if they use TLS to connect to an IIS 7.0 Web server that is running Windows Vista or Windows Server 2008
-
More IIS 7 Downloads
-
It is hot! with the official release of W2k8 / IIS 7.0, Microsoft has released more goodies for you to experience the new IIS 7.0 revolution, latest releases including the IIS 7.0 Manager or Remote Manager for Vista/XP/Win2k3, as well as the long awaiting WebDav extension for W2k8. And of coz, the best place to look for all IIS 7.0 related download is at iis.net, or get the latest release info via this RSS feed (feed not working yet).
-
Security Alerts - March 2008
-
In this month security bulletin, although all critical fixes are related to MS Office, one of the bulletin is related to Office Web Component and hence if you utilizing OWC in your web application, you need to apply the patch asap. Details:
Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (933103)
http://support.microsoft.com/?id=933103
Affected software: Office2k (SP3), OfficeXP (SP3), VS.NET 2k2 (SP1), VS.NET 2k3 (SP1)
server: Biztalk 2k + 2k2, Commerce 2k, ISA 2k (SP1)
Take note that Office2k3 SP2/SP3 are not affected.