Wednesday, October 28, 2009

FIX for OCS: kb974571 MS09-056: Vulnerabilities in CryptoAPI could allow spoofing

Resolution for the known issue
A fix that resolves this issue is available for download from the Microsoft Download Center. To obtain the fix, visit the following Microsoft Web page: (

The fix (OCSASNFix.exe) is governed by the Microsoft Software License Agreement for Office Communications Server 2007 R2, Office Communications Server 2007, Live Communications Server 2005, Office Communicator 2007 R2, Office Communicator 2007, and Office Communicator 2005.
This fix works for both clients and servers, and it is applicable to the following roles for all versions of Office Communications Server and Live Communications Server 2005 SP1 and for evaluation versions of Office Communicator:

  • Standard Edition Server
  • Director server role
  • Enterprise Edition Consolidated
  • Enterprise Edition Distributed – Front End
  • Edge Server
  • Proxy server role
  • Office Communicator 2007 Evaluation version only
  • Office Communicator 2007 R2 Evaluation version only
  • Office Communicator 2005 Evaluation version only
To run the fix, type the following command at a command prompt, and then press ENTER:


When you run the command on a computer that is running Office Communication Server 2007, Office Communication Server 2007 R2, or Live Communications server 2005 Service Pack 1, you receive a message that resembles the following:

If you are using non US Explorer, this is the link