Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Security Advisory 983438 Released

29 Apr 2010   #1
SGT Oddball

Security Advisory 983438 Released

Hello. Today we released Security Advisory 983438, addressing a cross-site scripting (XSS) vulnerability in SharePoint Server 2007 and SharePoint Services 3.0 that could allow Elevation of Privilege (EoP) within the SharePoint site itself. Servers are at reduced risk from Internet Explorer 8 clients, as the Internet Explorer 8 XSS filter helps to mitigate the issue in the internet zone. We are not aware of any active attacks at this time.

Customers running SharePoint Server 2007 or SharePoint Services 3.0 are encouraged to review and apply the mitigations and workarounds discussed in the Security Advisory. These include restricting access to the SharePoint help.aspx XML files and enabling the Internet Explorer 8 XSS filter in the intranet zone.

We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers.

As always, Microsoft strives to work with security researchers to address vulnerabilities in our software. This helps ensure that customers receive comprehensive, high-quality updates before cyber criminals learn of and work to exploit a vulnerability. Responsible disclosure protects the computer ecosystem and individual computer users from harm.

Anyone believed to have been affected by this issue can visit: and should contact the national law enforcement agency in their country.

We will continue to share updates on this blog and through our Twitter feed (@msftsecresponse).


Jerry Bryant
Group Manager, Response Communications

*This posting is provided "AS IS" with no warranties, and confers no rights.*


My System SpecsSystem Spec

 Security Advisory 983438 Released

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar help and support threads
Thread Forum
Fix it Released for Security Advisory 2286198
Microsoft updated Microsoft Security Advisory 2286198 to provide an automated "Fix It" solution to implement the workaround provided in the original Security Advisory release. The Fix it disables .LNK and .PIF file functionality automatically on a computer that is running Windows XP, ...
Security Advisory 2028859 Released
Security Advisory 981374 Released
Security Advisory 980088 Released
Security Advisory 979682 Released
Security Advisory 979352 Released

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 09:15.

Twitter Facebook Google+

Windows 7 Forums

Seven Forums Android App Seven Forums IOS App