Posts Tagged ‘ SharePoint ’


Microsoft Patch Tuesday targets Internet Explorer drive-by attacks

Written by admin
March 8th, 2013

Microsoft Patch Tuesday targets Internet Explorer drive-by attacks
Microsoft’s SharePoint, drawing application Visio get patched

Internet Explorer vulnerabilities warrant notice in this month’s set of Microsoft Patch Tuesday bulletins and need to be fixed quickly even though the sheer number of patches may seem daunting.

The weaknesses leave users open to drive-by attacks where malicious code is downloaded without the user’s knowledge while browsing. Not patching them because they are time-consuming will just widen the window of opportunity hackers have to exploit them, says Alex Horan, a senior product manager at CORE Security.

“Preventing future drive-by style attacks and protecting end-users appear to be the theme of this month’s Patch Tuesday,” Horan says. “These patches can be a hassle for users to deploy and have the potential to create a long enough delay where hackers can take advantage.”

So far the weaknesses haven’t been exploited. “Fortunately, this issue has no known attacks in the wild,” says Paul Henry, a security and forensic analyst at Lumension. “However, you should still plan to patch this immediately. ”

Four of seven bulletins for March are rated critical, with the first addressing browser problems. “It fixes critical vulnerabilities that could be used for machine takeover in all versions of Internet Explorer from 6 to 10, on all platforms including Windows 8 and Windows RT,” says Qualys CTO Wolfgang Kandek.

Microsoft’s Silverlight media application framework is also critically vulnerable, according to the company’s Security Bulletin Advance Notification. It affects Silverlight whether deployed on Windows or Mac OS X operating systems, where it is used to run media applications such as Netflix, Kandek says.

This vulnerability is more of concern to consumers because it only affects the Silverlight plug-in. Henry says plug-ins should be avoided in general. “[T]hey add another threat vector and are frequently an easy target for the bad guys,” he says.

Also in critical need of patching is Microsoft’s drawing application Visio, which comes as a surprise to Kandek. “It is puzzling to see such a high rating for this software that typically requires opening of an infected file in order for the attack to work. It will be interesting to see the attack vector for this vulnerability that warrants the ‘critical’ rating,” he says.

Critical vulnerabilities are those that could allow code execution without user interaction if they are successfully exploited. This type of exploit includes network worms, browsing to infected Web pages or opening infected emails.

The final critical vulnerability lies in SharePoint Server, Microsoft says.

Three of the bulletins are rated important and include two that could allow data to leak and one that could allow attackers to elevate privileges on an exploited machine. Important bulletins include vulnerabilities that could lead to compromised confidentiality, integrity or availability of user data, or of the integrity or availability of processing resources, Microsoft says. Such exploits may include warnings or prompts.

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

Facebook facebook   Twitter twitter   Digg digg   Tumblr tumblr   Stumbleupon stumbleupon   Linkedin linkedin   Delicious delicious    

Tags: , , ,
Microsoft | No Comments

New book: Working with Microsoft FAST Search Server 2010 for SharePoint

Written by admin
May 19th, 2012

New book: Working with Microsoft FAST Search Server 2010 for SharePoint

We’re happy to announce the availability of Working with Microsoft FAST Search Server 2010 for SharePoint, by Mikael Svenson, Marcus Johansson and Robert Piddocke

Although SharePoint has always had search capabilities, those capabilities have been hugely improved by the addition of FAST Search for SharePoint (FS4SP). FS4SP provides a feature-rich alternative to the limited out-of-the-box search experience in SharePoint 2010, and can be extended to meet complex information retrieval requirements. If your organization is looking for a fully configurable and scalable search solution, Microsoft FAST Search Server 2010 for SharePoint may be right for you.

The book is aimed squarely at SharePoint architects and developers who are either actively implementing search solutions using FS4SP or who simply want to learn more about how FS4SP works.

The book introduces the core concepts of FS4SP as well as some of the key concepts of enterprise search, then delves into deployment, operations, and development, presenting several “how to” examples of common tasks most administrators or developers will need to tackle as examples. In addition, the book includes two scenarios that showcase the capabilities of FS4SP for Intranet and E-commerce deployments. Beyond the explanatory content, most chapters include step by step examples and downloadable sample projects that you can explore for yourself.

You can view the complete table of contents and read the complete Chapter 1 sample chapter from

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

 

Facebook facebook   Twitter twitter   Digg digg   Tumblr tumblr   Stumbleupon stumbleupon   Linkedin linkedin   Delicious delicious    

Tags: , ,
MCITP, MCSA, MCSE, MCTS, Microsoft, Tech | No Comments

Three Ways To Be Productive Using SharePoint and SQL Server (Part 1)

Written by admin
April 24th, 2012

Introduction
In the first part of my three-part series on increasing productivity when using SharePoint and SQL Server, we will focus on searching product data from the Adventure Works database, including the use of meta-data and managed properties. The second part will show how to link the search results to a page highlighting some of the Business Intelligence (BI) features of SharePoint based on product data. The third will focus on maintaining expertise in MySites in a managed fashion.
MCTS Training, MCITP Trainnig
Best Microsoft MCTS Certification, Microsoft MCITP Training
at certkingdom.com
Searching Product Data from the Adventure Works Database
One of the great benefits of using SharePoint is that it provides search, business intelligence, collaboration and portals on a unified platform. This provides a huge benefit in terms of cost-savings and productivity. To take advantage of the search functionality and provide the capability to search products in an intranet or public-facing website, it can be done by defining the taxonomy, putting that taxonomy into SharePoint and tying it to a crawl of the products database.

The products in the Adventure Works database are broken down into categories and sub-categories. Go into your Managed Metadata Service and define an Adventure Works Group.

Then, create a term set for both the categories and sub-categories. Now, add the items from the database. These can also be imported using the term store import functionality.

The next step is to create a view in the database that joins the products, sub-categories and categories to be indexed.

In order to connect to the data, go into your secure store application and create a target application to connect to the database. Name the target application “Adventure Works”. Use a Target Application Type of Group. Set the user name and password for Windows. Then, map the Members group to an AD Group that should have access to connect to those credentials.

Now open SharePoint Designer 2010 and connect to your site to create an External Content Type.

Click on External Content Types and choose the option to create a new one.

Enter the name of the content type. In this case, we will name it Adventure Works Products.

Choose Generic List as the Office Item List Type.

Hit the link named “Click Here to Discover External Data Sources and Define Operations” and choose SQL Server.

Enter the database server and database name and choose Connect with Impersonated Custom Identity. Enter the name of the desired secure store application used to connect to the AdventureWorks database.

Create “Read Item” and “Read List” operations for the view we created to expose the products, sub-categories and categories for searching by right-clicking the view name and choosing the new option for each. Accept all defaults on both.

Choose “Create Lists and Form” and name the list “Adventure Works Products”. Now, browse the list to ensure it pulls the products from the database.

Next, go into the Search Service Application to create a crawl of the external content type.

In central administration, open the search service application you wish to use.

Click on Content Sources, then choose New Content Source.

Once the full crawl completes, the next step is to map the Metadata Properties. Click the link to Metadata Properties under Queries and Results in the Search Service Application. Also, ensure the service account used to crawl the products has access to the Adventure Works BCS service application.

Click “Categories”, then “Business Data”.

At this point, there will be a list of properties from the products view.

Click the ProductCategory property and map it to the ProductCategory Managed property. Do the same for ProductSubCategory.

Run the full crawl again on the Adventure Works content source in the search service application.

Next, setup the action to view the product once it is returned by the search. Go to your business data connectivity service for Adventure Works Products, open it, and click the “View Profile” action and set it as follows:

Now we are set on the search of the products. Go to a search center or create one in your SharePoint environment. Add refinement filters to include the product and product subcategories.

Edit the search web page and modify the Refinement Panel web part.

Expand the Refinement grouping in the web part and de-select the Use Default Configuration option.

Add two <Category> tags to the XML in the Filter Category Definition property:

<Category Title=”Product Category” Description=”Use this filter to restrict results authored by a specific category” Type=”Microsoft.Office.Server.Search.WebControls.ManagedPropertyFilterGenerator” MetadataThreshold=”1″ NumberOfFiltersToDisplay=”4″ MaxNumberOfFilters=”20″ SortBy=”Frequency” SortByForMoreFilters=”Name” SortDirection=”Descending” SortDirectionForMoreFilters=”Ascending” ShowMoreLink=”True” MappedProperty=”ProductCategory” MoreLinkText=”show more” LessLinkText=”show fewer” />

<Category Title=”Product Subcategory” Description=”Use this filter to restrict results authored by a specific sub-category” Type=”Microsoft.Office.Server.Search.WebControls.ManagedPropertyFilterGenerator” MetadataThreshold=”1″ NumberOfFiltersToDisplay=”4″ MaxNumberOfFilters=”20″ SortBy=”Frequency” SortByForMoreFilters=”Name” SortDirection=”Descending” SortDirectionForMoreFilters=”Ascending” ShowMoreLink=”True” MappedProperty=”ProductSubCategory” MoreLinkText=”show more” LessLinkText=”show fewer” />

Search for Accessories and view the results. You can now search for products by product information, category and sub-category. Hover over the link to the product results and view the URL.

In the second part of the article series, we will create a product page with some BI features. .
MCTS Training, MCITP Trainnig
Best Microsoft MCTS Certification, Microsoft MCITP Training
at certkingdom.com

Facebook facebook   Twitter twitter   Digg digg   Tumblr tumblr   Stumbleupon stumbleupon   Linkedin linkedin   Delicious delicious    

Tags: , , , , , , , , , , , , , , , , , , , , ,
MCITP, MCTS, Microsoft, Tech | No Comments