If you apply the update to a live web-server, there will be
some period of time when the web-server will be offline (although an OS reboot
should not be required). You’ll want to schedule and coordinate your updates
appropriately.
Importantly – if your site or application is running across
multiple web-servers in a web-farm, you’ll want to make sure the update is
applied to all of the machines (and not just some of them). This is because the
update changes the encryption/signing behavior of certain features in ASP.NET,
and a mix of patched and un-patched servers will cause that encryption/signing
behavior to be incompatible between them. If you are using a web-farm
topology, you might want to look at pulling half of the machines out of
rotation, update them, and then swap the active and inactive machines (so that
the updated machines are in rotation, and the non-updated ones are pulled from
rotation and patched next) to avoid these mismatches.
Does this update work with SharePoint?
Yes. We have not found any issues in testing SharePoint
with this security update. You should install it on SharePoint servers to
ensure that they are not vulnerable.
Can I both install and uninstall the update?
Yes. The updates support install and uninstall
scenarios. Note that if you uninstall the update, though, it will leave
your system unprotected.