Share via


Service Releases for FrontPage Server Extensions 2000

This content is no longer actively maintained. It is provided as is, for anyone who may still be using these technologies, with no warranties or claims of accuracy with regard to the most recent product version or service release.

Contents

Introduction

Service Release 1.4

Service Release 1.3

Service Release 1.2

Introduction

This section describes each of the service releases for FrontPage Server Extensions 2000. The most current service release for FrontPage Server Extensions 2000 is Service Release 1.4.

Important   FrontPage Server Extensions 2002 supercedes FrontPage Server Extensions 2000 and supports clients using FrontPage 2002 as well as previous versions. If at all possible you should upgrade your Web servers to FrontPage Server Extensions 2002.

Service Release 1.4

Service Release 1.4 is the most recent and final service release for FrontPage Server Extensions 2000. Web administrators hosting Web sites extended with the FrontPage Server Extensions should download and install the appropriate download for their operating system and Web server.

For more information on the FrontPage Server Extensions 2000 or to download the installation files, see the following resources.

Note   FrontPage Server Extensions 2000 Service Release 1.4 represents the final Service Release update to the FrontPage Server Extensions 2000 for both Microsoft Windows and UNIX platforms. Web administrators should consider downloading and installing the FrontPage Server Extensions 2002 to upgrade their Web servers to the most recent release of FrontPage Server Extensions.

For information on issues resolved with Service Release 1.4 and installation instructions, see Description of the FrontPage 2000 Server Extensions Security Patch.

Service Release 1.3

Service Release 1.3 is superceded by Service Release 1.4.  For the appropriate operating system download, see Service Release 1.4.  Updates in Service Release 1.3 are for Microsoft Windows-based Platforms (version 4.0.2.5526 for Windows 2000, Windows NT 4.0 and Windows 9x systems).  The following issues and resolutions are included in this service release.

Issue Affecting Resolution
Security Visual Interdev can create FrontPage Server Extension application roots without robust security.
Security FrontPage Server Extensions sub-component contains unchecked buffer.
Operations FrontPage Server Extensions are unable to save files after being first installed, without first creating a web.
Operations Saving to target folder with UNC path while running for the first time prevents save.

For additional information and installation instructions, see List of Issues Fixed in FrontPage Server Extensions Service Release 1.3.

Service Release 1.2

Service Release 1.2 is superceded by Service Release 1.3.  For the necessary updates, download Service Release 1.4 for the appropriate operating system. The following sections describe the updates included in service release 1.2 for Windows and UNIX-based Web servers. For additional information and installation instructions and issues resolved in this service release, see Windows-Based Fixes for Server Extensions SR1.2.

Microsoft Windows-based Platforms

The following issues and resolutions are included in service release 1.2 for Windows-based Web servers (version 4.0.2.4324 for Windows 2000 systems, version 4.0.2.4317 for Windows NT 4.0 and Windows 9x systems).

Issue Affecting Resolution
Categories Functional links created using categories appear broken in the broken links report and Hyperlinks View.
Permissions Users who have Administer permission on the root web cannot set permissions on the root web if they do not have explicit permissions to all other subwebs.
Security
  • ASP source code could be viewed under certain circumstances.
  • An external attack could cause Server Extensions to leak memory.
  • An external attack could cause the server's CPU to spike.
  • Server Extension error messages show full operating system path to the Web site.
  • Sending Dos devices as a parameter to shtml.dll causes the FrontPage Server Extensions to stop responding. The Web site remains accessible, but FrontPage authoring and browse time Web bot components fail.

UNIX-based Platforms

The following issues and resolutions are included in service release 1.2 for UNIX-based Platforms (version 4.0.2.4222).

Issue Affecting Resolution
Security
  • ASP source code could be viewed under certain circumstances.
  • An external attack could cause the server's CPU to spike.
  • Server Extension error messages show full operating system path to the Web site.
  • Some directory permissions were not as secure as possible.

Thank you to the customers that reported security issues and assisted us with fixing them.

Service Release 1.1

Service Release 1.1 is superceded by Service Release 1.2.  For the necessary updates, download Service Release 1.4 for the appropriate operating system. For additional information and a list of issues resolved in this service release, see FrontPage 2000 Server Extensions Service Release 1.1.