Microsoft Security Bulletin || Vulnerabilities in FAST Search Server 2010 || Remote Code Execution
February 14, 2013 by ashish banga
Friends, Microsoft has release a security bulletin for a FAST Search for SharePoint 2010. PF below for more help.
Full Details available at: http://technet.microsoft.com/security/bulletin/MS13-013
Bulletin ID : MS13-013
Bulletin Name: Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution (2784242)
Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution
Restart Requirement: May require restart
Affected Software: Microsoft FAST Search Server 2010 for SharePoint and Advanced Filter Pack.
Summary:This security update resolves publicly disclosed vulnerabilities in Microsoft FAST Search Server 2010 for SharePoint. The vulnerabilities could allow remote code execution in the security context of a user account with a restricted token. FAST Search Server for SharePoint is only affected by this issue when Advanced Filter Pack is enabled. By default, Advanced Filter Pack is disabled.
This security update is rated Important for supported editions of FAST Search Server 2010 for SharePoint. For more information, see the subsection, Affected and Non-Affected Software, in this section.The security update addresses the vulnerabilities by updating the affected Oracle Outside In libraries to a non-vulnerable version. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.
This update is available from the Microsoft Download Center only.
If you liked this post, do like on Facebook at: https://www.facebook.com/Ashishsharepointblog
Feel free to Rate and provide feedback if you find post useful
Hope this help