Everything you want to know about Visual Studio ALM and Farming
Brian Harry is a Microsoft Technical Fellow working as the Product Unit Manager for Team Foundation Server. Learn more about Brian.
More videos »
Within the last couple of weeks, we released an important update to the Team System Web Access 2008 SP1 Power Tool. The update includes only one change and it fixes a significant security issue that we discovered. I'm not going to describe it in detail, for obvious reasons, however, I encourage anyone who had previously installed TSWA 2008 SP1 to uninstall it and install the updated version. The link is here:
If you go to "Help -> About" in TSWA you can tell whether or not you have the correct version. Build 9.0.3275 is the latest "patched" version. Anything before that is unpatched. Specifically, 9.0.3160 was the original TSWA SP1 release build number.
*** UPDATE ***
Clearly some of the feedback in this post indicates that the uninstall/reinstall approach is problematic for people. First, I'll point out that the install is only about 5 minutes but none-the-less, I understand. As I said in the comments, we really can't do hot-fix style servicing of PowerTools because the cost to do that is too high. However, this fix, in particular is a pretty contained change and one approach is for you to manually update the affected files. To do this you can install the update on another machine and get them from there or you can use:
msiexec /a TeamSystemWebAccess.msi /qb TARGETDIR=c:\temp\tswa
to extract all of the files from the MSI (obviously replace the TARGETDIR value with whatever you prefer to use).
The files you need to update are:
The updated files need to be placed in both:
The following script also needs to be updated:
We appologize for the inconvenience.