|30 Apr 2010||#1|
| || |
Microsoft investigates SharePoint 2007 zero day
Security experts worry that hackers could exploit the flaw to steal sensitive corporate information used by SharePoint customers.
Microsoft is scrambling to fix a bug in its SharePoint 2007 groupware after a Swiss firm abruptly released code this week that could be used in an attack.
The proof-of-concept code was released just over two weeks after security consultancy High-Tech Bridge says it disclosed the issue to Microsoft.
Although Microsoft hasn't said much about the seriousness of the bug, security experts worry that hackers could exploit the flaw in order to steal sensitive corporate information used by SharePoint customers, who use the software for building Web portals and collaborating on internal projects.
High-Tech Bridge discovered what is known as a cross-site scripting flaw in SharePoint. If the attacker can get a SharePoint user to click on a link, the bug lets the attacker essentially take control of the user's account.
Microsoft investigates SharePoint 2007 zero day | Security Central - InfoWorld
|My System Specs|
|Similar help and support threads for2: Microsoft investigates SharePoint 2007 zero day|
|Microsoft SharePoint Workspace not downloading files||Microsoft Office|
|Is SATA Cable Slowing Down Your Data Transfers? Max PC Investigates||Chillout Room|
|Microsoft Office Outlook 2007 problem when using Microsoft Office||Microsoft Office|
|Microsoft investigates public IE CSS XSS flaw; Twitter, Hotmail vulner||News|
|MS investigates as sweatshop spotlight shines on.......||News|
|Microsoft SharePoint: Three Tips for Making It Behave.||News|
|Microsoft Virtual PC 2007? (x86)||Virtualization|