Service Releases for FrontPage Server Extensions 2000

Article
06/14/2014

This content is no longer actively maintained. It is provided as is, for anyone who may still be using these technologies, with no warranties or claims of accuracy with regard to the most recent product version or service release.

Introduction
Service Release 1.4
Service Release 1.3
Service Release 1.2
Service Release 1.1

Introduction

This section describes each of the service releases for FrontPage Server Extensions 2000. The most recent service release for FrontPage Server Extensions 2000 is Service Release 1.4.

Important FrontPage Server Extensions 2002 supersedes FrontPage Server Extensions 2000 and supports clients using Microsoft FrontPage 2002 as well as previous versions. If at all possible you should upgrade your Web servers to FrontPage Server Extensions 2002.

Service Release 1.4

Service Release 1.4 is the most recent and final service release for FrontPage Server Extensions 2000. Web administrators hosting Web sites extended with the FrontPage Server Extensions should download and install the appropriate download for their operating system and Web server.

For more information on the FrontPage Server Extensions 2000 or to download the installation files, see the following resources:

FrontPage Server Extensions 2000 for Windows-based Servers
Microsoft no longer supports the download version of FrontPage Server Extensions 2000.
FrontPage Server Extensions 2000 for UNIX-based Servers

Note FrontPage Server Extensions 2000 Service Release 1.4 is the final Service Release update to FrontPage Server Extensions 2000 for both Microsoft Windows and UNIX. Web administrators should consider installing FrontPage Server Extensions 2002 to upgrade their Web servers to the most recent release of FrontPage Server Extensions.

For information on issues resolved with Service Release 1.4 and installation instructions, see Description of the FrontPage 2000 Server Extensions Security Patch.

Service Release 1.3

Service Release 1.3 is superseded by Service Release 1.4. Updates in Service Release 1.3 are for Microsoft Windows-based platforms (version 4.0.2.5526 for Windows 2000, Windows NT 4.0 and Windows 9x systems). The following issues and resolutions are included in this service release.

Issue Affecting	Resolution
Security	Visual Interdev can create FrontPage Server Extension application roots without robust security.
Security	FrontPage Server Extensions sub-component contains unchecked buffer.
Operations	FrontPage Server Extensions are unable to save files after being first installed, without first creating a web.
Operations	Saving to target folder with UNC path while running for the first time prevents save.

For additional information and installation instructions, see List of issues fixed in FrontPage Server Extensions Service Release 1.3.

Service Release 1.2

Service Release 1.2 is superseded by Service Release 1.3. The following sections describe the updates included in service release 1.2 for Windows-based and UNIX-based Web servers. For additional information and installation instructions and issues resolved in this service release, see Description of Windows-based fixes for Server Extensions SR1.2.

Microsoft Windows-based Platforms

The following issues and resolutions are included in service release 1.2 for Windows-based Web servers (version 4.0.2.4324 for Windows 2000 systems, version 4.0.2.4317 for Windows NT 4.0, and Windows 9x systems).

Issue Affecting	Resolution
Categories	Functional links created using categories appear broken in the broken links report and Hyperlinks View.
Permissions	Users who have Administer permission on the root web cannot set permissions on the root web if they do not have explicit permissions to all other subwebs.
Security	ASP source code could be viewed under certain circumstances. An external attack could cause Server Extensions to leak memory. An external attack could cause the server's CPU to spike. Server Extension error messages show full operating system path to the Web site. Sending Dos devices as a parameter to shtml.dll causes the FrontPage Server Extensions to stop responding. The Web site remains accessible, but FrontPage authoring and browse time Web bot components fail.

UNIX-based Platforms

The following issues and resolutions are included in service release 1.2 for UNIX-based Platforms (version 4.0.2.4222).

Issue Affecting	Resolution
Security	ASP source code could be viewed under certain circumstances. An external attack could cause the server's CPU to spike. Server Extension error messages show full operating system path to the Web site. Some directory permissions were not as secure as possible.

Thank you to the customers that reported security issues and assisted us with fixing them.

Service Release 1.1

Service Release 1.1 is superseded by Service Release 1.2. For additional information and a list of issues resolved in this service release, see Description of FrontPage 2000 Server Extensions Service Release 1.1.