ScottGu has posted some additional FAQs on http://weblogs.asp.net/scottgu/archive/2010/09/20/frequently-asked-questions-about-the-asp-net-security-vulnerability.aspx
The Microsoft advisory has been revised with some additional content in the FAQs. http://www.microsoft.com/technet/security/advisory/2416728.mspx
The SRD blog has also been revised with some additional content. http://blogs.technet.com/b/srd/archive/2010/09/20/additional-information-about-the-asp-net-vulnerability.aspx
The Sharepoint team has a blog on some additional workarounds that you can employ for Sharepoint 2010. http://blogs.msdn.com/b/sharepoint/archive/2010/09/21/security-advisory-2416728-vulnerability-in-asp-net-and-sharepoint.aspx
The script would be easier to use if it were possible to eliminate the "OK" messages (after verifying that your entire site tree is displayed.
' Parse command line input
'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
DIM skipOK
skipOk = 0 'default to print out "ok" messages"
IF WScript.Arguments.Length=1 THEN
IF LCase(Left(WScript.Arguments( 0 ), 2)) = "/s" THEN
skipOk = 1
ELSE
strServer = WScript.Arguments( 0 )
END IF
ELSEIF WScript.Arguments.Length>1 THEN
strServer = WScript.Arguments( 1 )
ELSEIF LCase(Left(WScript.Arguments( 1 ), 2)) = "/s" THEN
WScript.Echo "Illegal arguments"
WScript.Echo "Usage: cscript.exe DetectCustomErrorsDisabled.vbs [/skipOkMessages] [RemoteServerName]"
WScript.Quit( 1 )
---------- AND ---------------
SUB ProcessWebConfig(Path,IsRoot)
...
ELSEIF skipOk = 0 THEN
WScript.Echo Path & ": ok"
END SUB
Also, if a directory is protected - and can't be seen by an admin, the script fails. I propose this change:
SUB EnumWebConfig(Path,IsRoot)
ON ERROR RESUME NEXT
FOR EACH dir IN objFileSys.GetFolder(Path).SubFolders
CALL EnumWebConfig(dir.Path,0)
NEXT