The Visio Graphics Service has a minimum cache age setting that may cause a security issue (SharePoint Server 2010)

 

Applies to: SharePoint Server 2010 Enterprise

Rule Name:   The Visio Graphics Service has a minimum cache age setting that may cause a security issue

Summary:   Setting Minimum Cache Age to 0 minutes may leave the Visio Graphics Service open to a denial of service (DoS) attack. A value of 0 for this setting might lead to large processor and network load of the Visio Graphics Service and Microsoft SharePoint Server 2010, decreasing the expected performance of both. However, increasing this value means that users will not see their data-connected diagrams refreshing as frequently.

Cause:   The Minimum Cache Age setting was set to 0 minutes.

Resolution:   Increase the value of the Minimum Cache Age setting

1. Verify that the user account that is performing this procedure is an administrator of the Visio Graphics Service service application.

2. In Central Administration, on the Home page, in the Application Management section, click Manage service applications.

3. On the Service Applications page, click the Visio Graphics service application.

4. On the Manage the Visio Graphics Service page, click Global Settings.

5. Ensure that the settings have the values that are listed in the following table. If they do not, type the value in the corresponding text box.

   Setting	Value
   Maximum Web Drawing Size	<= 5 (Megabytes)
   Minimum Cache Age	>= 5 (Minutes)
   Maximum Cache Age	<= 60 (Minutes)
   Maximum Recalc Duration	<= 60 (Seconds)

6. Click OK.