Jespers Bagh's IT Blog: MS09-031 Patch for ISA Server

Microsoft has released this information and hotfix:

Vulnerability in Microsoft ISA Server 2006 Could Cause Elevation of Privilege (970953)

http://www.microsoft.com/technet/security/Bulletin/MS09-031.mspx

Affected Software:

Microsoft Internet Security And Acceleration Server 2006 (KB970811)
Microsoft Internet Security And Acceleration Server 2006 Supportability Update (KB970811)
Microsoft Internet Security And Acceleration Server 2006 Service Pack 1 (KB971143)

This security update resolves a privately reported vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2006. The vulnerability could allow elevation of privilege if an attacker successfully impersonates an administrative user account for an ISA server that is configured for Radius One Time Password (OTP) authentication and authentication delegation with Kerberos Constrained Delegation.

Test it and install it now.

Jespers Bagh's IT Blog

Wednesday, July 15, 2009

MS09-031 Patch for ISA Server

About Me

Previous Posts