The Exploitability Index only attempts to rate vulnerabilities that can be leveraged for code execution. Vulnerabilities that could allow denial of service, tampering, information disclosure or spoofing will receive an Exploitability Index rating of "3." The notes for that particular CVE will also reflect the nature of the vulnerability.
forms authentication Any products that are using ASP.NET forms authentication will be secured with this update. This includes SharePoint and Exchange, when they are using ASP.NET forms authentication. If these products are using a Forms Authentication module other than the one provided by ASP.NET, then the issue addressed in this bulletin does not apply to you.
