Seeing a lot of buzz in the forums and while I haven’t stumbled across this myself yet, this one seems worthy of being aware of. Note, I don’t believe there is a clear direction/instruction out of Redmond yet so take the below with a grain of salt. The below is only what I’ve gleamed so far:
If you have SharePoint 2010, running on Windows Server 2008 R2 or R2 SP1 (note, apparently SP2 is not impacted, at this writing) and you apply Microsoft KB2756920 (MS13-004), you are in for some trouble potentially with the Security Token Service
First off. Patch what needs to be patched. Only. Test, of course.
Now that said, if you have already applied KB2752920 and you start seeing things like:
“Object reference not set to an instance of an object.” on Microsoft.Office.Server.Administration.UserProfileApplicationProxy.get_ApplicationProperties()
An exception occurred when trying to issue security token: The requested service, ‘http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc/actas’ could not be activated. See the server’s diagnostic trace logs for more information..
Method Not found: “System.String System.ServiceModel.Activation.Iis7Helper.ExtendedProtectionDotlessSpnNotEnabledThrowHelper(System.Object)”
Then you might find you also have this patch installed (very recently).
Get ‘er out of there! The general guidance at this point is:
- Uninstall that fix. That’s it.
Incoming search terms:
Trackback from your site.