Patch for Potential Security Vulnerability in Search Service (322940)


The information in this article applies to:

  • Microsoft SharePoint Portal Server 2001 SP1
This article was previously published under Q322940

SYMPTOMS

Microsoft has released a patch to address a potential security vulnerability in the search service that is included with Microsoft SharePoint Portal Server 2001. Under special circumstances, a different process can open the search service's filter daemon process and read its memory, thereby examining what is being indexed by the search service.

RESOLUTION

To resolve this problem, obtain the latest service pack for Microsoft SharePoint Portal Server 2001. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

312963 How to Obtain the Latest SharePoint Portal Server 2001 Service Pack

The English version of this fix should have the following file attributes or later:
   Date         Time    Version         Size       File name
   ----------------------------------------------------------
   14-May-2002  03:13   10.145.4629.22  1,703,936  Mssrch.dll
NOTE: Because of file dependencies, this update requires Microsoft SharePoint Portal Server 2001 Service Pack 1

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.
This problem was first corrected in Microsoft SharePoint Portal Server 2001 Service Pack 2.
Modification Type:MinorLast Reviewed:9/30/2005
Keywords:kbHotfixServer kbQFE kbSharePtPortalSvr2001SP2fix kbbug kbfix KB322940
©2004 Microsoft Corporation. All rights reserved.