Spoofing occurs when the attacker determines and uses an IP address of a network, computer, or network component without being authorized to do so. A successful attack allows the attacker to operate as if the attacker is the entity normally identified by the IP address. Within the context of Office Communications Server 2007 R2, this situation comes into play only if an administrator has done both of the following:

This precaution prevents an attacker from performing IP address spoofing on specific connection (for example, mutual TLS connections). But an attacker could still spoof the address of the DNS server that Office Communications Server uses. Although this spoofing is a threat to Office Communications Server, there is nothing the server can do to prevent it. Preventing this attack requires IT-infrastructure and network-level mitigations.