Microsoft FrontPage Issues

May 1 Reputation point
2021-08-19T08:20:08.617+00:00

Hi MS support,

Our SharePoint site (SP2013) is undergoing a security vulnerability scan and we have landed on a few Microsoft FrontPage issues that could not be resolved.

  1. Microsoft FrontPage Extensions Site Defacement (Due to files: admin.dll, author.dll, shtml.dll)
  2. Microsoft FrontPage Server Extensions Vital Information Leakage (Due to file: service.cnf)
  3. Microsoft FrontPage Configuration Information Leakage (Due to file: _vti_inf.html)

May I check how we can resolve the above issues?
It will be great if any official article from Microsoft can help.

Thank you,
May

SharePoint Server Development
Windows Server Security

1 answer

  1. Yi Lu_MSFT 17,461 Reputation points
    2021-08-20T08:44:06.01+00:00

    Hi @May
    Site Defacement is due to the permissions of the FrontPage server extension being set incorrectly. You could try:

    1. Open the IIS management console.
    2. Select the /_vti_auth/author.dll and /_vti_admin/admin.dll files in the "_vti_bin" directory of the default web site.
    3. Select the "Properties" of these files.
    4. Select the "File Security" tab and click the "Editor" button of anonymous access and authentication control.
    5. Remove the check mark on "Allow anonymous access".
    6. Add a new user using "Server Extensions Administrator" of the default web site.

    The file service.cnf, which contains the metadata for a FrontPage web site, should be secured. Usually this can be accomplished at the folder level by removing read access on the path through the IIS administration tool, or by copying the content to a safe location outside of your web site's content folders and then removing the content from the web site. The potential threat is the revelation of domain/user names, local file paths, and other metadata.

    You can delete the file _vti_inf.html directly. This file contains the virtual paths to the FrontPage Server Extensions executables, and is used by any client that communicates with the FrontPage Server Extensions.

    For more information, you could refer to:
    https://learn.microsoft.com/en-us/iis/publish/frontpage-server-extensions/upgrade-issues-with-frontpage-server-extensions


    If an Answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
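
To confirm the three findings are closed after applying the steps in the answer above, an anonymous re-check of the same files is useful before asking for a rescan. The following is an added example, not part of the original thread or any Microsoft tooling; the paths are the conventional FrontPage Server Extensions locations and the content markers are assumptions, so substitute the exact URLs from your own scan report.

```python
import urllib.error
import urllib.request

# Assumed paths: conventional FrontPage Server Extensions locations.
# Substitute the exact URLs listed in your own scan report.
# Value: byte marker proving real content on a 200, or None when any
# anonymous 200 means the handler is still reachable.
CHECKS = {
    "/_vti_bin/_vti_aut/author.dll": None,
    "/_vti_bin/_vti_adm/admin.dll": None,
    "/_vti_pvt/service.cnf": b"vti_",
    "/_vti_inf.html": b"FPVersion",
}
# Constructed responses for an offline run (a partly remediated server).
SAMPLE = {
    "/_vti_bin/_vti_aut/author.dll": (401, b""),
    "/_vti_bin/_vti_adm/admin.dll": (200, b"<html></html>"),
    "/_vti_pvt/service.cnf": (200, b"<html>Page not found</html>"),
    "/_vti_inf.html": (404, b""),
}

def classify(status, body, marker):
    """Map one anonymous response to a remediation verdict."""
    if status in (401, 403):
        return "BLOCKED"   # anonymous access denied
    if status == 404:
        return "ABSENT"    # file deleted or moved out of the web root
    if status == 200 and (marker is None or marker in body):
        return "EXPOSED"   # finding still open
    return "REVIEW"        # custom error page on 200, redirect, 5xx: check by hand

class _NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, *args, **kwargs):
        return None        # surface 3xx instead of following it to a login page

def fetch(base_url, path, timeout=10):
    """Anonymous GET, no credentials; returns (status, first 4 KiB of body)."""
    opener = urllib.request.build_opener(_NoRedirect)
    try:
        with opener.open(base_url.rstrip("/") + path, timeout=timeout) as resp:
            return resp.status, resp.read(4096)
    except urllib.error.HTTPError as err:
        return err.code, err.read(4096)

def audit(base_url, fetcher=fetch):
    """Return {path: verdict} for every file named in the findings."""
    return {p: classify(*fetcher(base_url, p), m) for p, m in CHECKS.items()}

def remediated(report):
    return all(v in ("BLOCKED", "ABSENT") for v in report.values())
```

Run `audit("https://your-site")` from a machine with no cached credentials for the site; any `EXPOSED` or `REVIEW` verdict means that file still needs attention.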