Retired Microsoft Blog disclaimer
This directory is a mirror of retired "Windows PKI Team" TechNet blog and is provided as is. All posting authorship and copyrights belong to respective authors.
Original URL: https://blogs.technet.microsoft.com/pki/2011/06/14/important-security-update-for-windows-server-active-directory-certificate-services-web-enrollment/
Post name: Important Security Update for Windows Server: Active Directory Certificate Services Web Enrollment!
Original author: Kurt L Hudson MSFT
Posting date: 2011-06-14T12:37:53+00:00


An important security update, described in MS11-051 (http://go.microsoft.com/fwlink/?LinkId=217101) was released today. The update fixes a cross-site scripting vulnerability in the sample web enrollment ASP pages that are part of Active Directory Certificate Services Web Enrollment in Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2.

Important: Back up any sample web enrollment sample pages you modified (%windir%\system32\Certsrv) before applying MS11-051. After you apply the security update, you can integrate any changes you made to the original sample files into the new secure ASP sample pages. For more information, see Microsoft Knowledge Base Article 2518295 (http://support.microsoft.com/kb/2518295).


Share this article:

Comments:

Comments are closed.