Add as a preferred source on Google


News

Forefront Bug Deletes Data in SharePoint Files

Microsoft last week described a problem with its Forefront enterprise security solution for SharePoint Server, cautioning that document data could get deleted as a result of the bug.

Users who run manual scans using Forefront Security for SharePoint are potentially at risk. Under certain conditions, the manual scans can cause memory leaks to occur. Over time, these memory leaks can lead to an even worse problem: document contents getting replaced with "deletion text."

Deletion text is what users typically see when Forefront Security for SharePoint has removed a virus or infected file. The reason the files get replaced is that normal documents can appear to be "exceedingly nested" as a result of the memory leaks, according to Microsoft's Forefront team.

Only manual scans will cause the problem. Real-time scans aren't affected by this bug.

The other factor that enables the bug is the use of "keyword lists." If IT pros do not set up keyword lists in Forefront Security for SharePoint, then no memory leaks will occur when running a manual scan, Microsoft's Forefront team explained.

The problem affects Forefront Security for SharePoint up to Service Pack 3 (SP3). However, even with SP3 installed, memory leaks will occur if keyword lists have been created and users run manual scans. Microsoft announced the release of SP3 for Forefront Security for SharePoint just last week.

Redmond is currently working to fix the memory leak problem. So if IT pros must run a manual scan using Forefront Security for SharePoint, Microsoft recommends disabling keyword filtering, which is the default setting for manual scans.

"This [disabling of keyword filtering] is extremely important, as manual scanning of your entire document library opens the potential of losing any document content incorrectly identified as 'exceedingly nested'," Microsoft's Forefront team warns.

In general, Microsoft recommends running a manual scan after first installing Forefront Security for SharePoint.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Microsoft Dismantles RedVDS Cybercrime Marketplace Linked to $40M in Phishing Fraud

    In a coordinated action spanning the United States and the United Kingdom, Microsoft’s Digital Crimes Unit (DCU) and international law enforcement collaborators have taken down RedVDS, a subscription based cybercrime platform tied to an estimated $40 million in fraud losses in the U.S. since March 2025.

  • Sound Wave Illustration

    CrowdStrike's Acquisition of SGNL Aims to Strengthen Identity Security

    CrowdStrike signs definitive agreement to purchase SGNL, an identity security specialist, in a deal valued at about $740 million.

  • Microsoft Acquires Osmos, Automating Data Engineering inside Fabric

    In a strategic move to reduce time-consuming manual data preparation, Microsoft has acquired Seattle-based startup Osmos, specializing in agentic AI for data engineering.

  • Linux Foundation Unites Major Tech Firms to Launch Agentic AI Foundation

    The Linux Foundation today announced the creation of a new collaborative initiative — the Agentic AI Foundation (AAIF) — bringing together major AI and cloud players such as Microsoft, OpenAI, Anthropic and other major tech companies.

Most   Popular