SharePoint Security Snafu -- Redmond Channel Partner

Barney's Blog

SharePoint Security Snafu

SharePoint Services 3.0 and Office SharePoint Server 2007 are both affected by an elevation of privileges flaw.

Similar to a recently announced IE 8 flaw, hackers use cross-site scripting to wage attacks. Here, malicious code is embedded into SharePoint-based Web pages. Similar to phishing scams, users are led to these sites through spam.

The lesson here? Don't just rely on patches, but train you end users to avoid clicking anything that is the least bit suspect.

Do you train your users in security? Does it work? Share your best advice with us by writing to [email protected].

Posted by Doug Barney on May 05, 2010

Free Webcast! Learn about Password Management Best Practices

Featured

Copilot Front and Center at Microsoft Ignite 2024

Microsoft CEO Satya Nadella kicked off this year's Ignite conference with a keynote speech focused on the company's efforts to evolve Copilot.
2024-2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.
Microsoft Extends AI Copyright Protections to Its Partners

Microsoft this week announced several new partner benefits meant to accelerate channel sales amid skyrocketing AI demand.
The 2024 Microsoft Product Roadmap

Everything Microsoft partners and IT pros need to know about major Microsoft product milestones this year.