Barney's Blog

Blog archive

SharePoint Security Snafu

SharePoint Services 3.0 and Office SharePoint Server 2007 are both affected by an elevation of privileges flaw.

Similar to a recently announced IE 8 flaw, hackers use cross-site scripting to wage attacks. Here, malicious code is embedded into SharePoint-based Web pages. Similar to phishing scams, users are led to these sites through spam.

The lesson here? Don't just rely on patches, but train you end users to avoid clicking anything that is the least bit suspect.

Do you train your users in security? Does it work? Share your best advice with us by writing to [email protected]

Posted by Doug Barney on May 05, 2010 at 11:53 AM


Featured

  • Ransomware Report: Don't Pay the Attackers

    According to a recent report, paying the ransom for an organization's hijacked data doesn't ensure return of the stolen data.

  • Veeam Adding Intelligence to Microsoft 365 Backup Solution

    Backup and recovery giant and major Microsoft partner Veeam unveiled a raft of new features to its solution portfolio at its VeeamON conference this week.

  • Man Suit Tablet

    Microsoft Releases 'Private Preview' of Viva Goals

    A "private preview" of Microsoft Viva Goals, an objectives and key results (OKR) solution, is now available, according to a company announcement on Monday.

  • Microsoft Searches for a New Channel Chief as Rodney Clark Exits

    Longtime Microsoft executive and worldwide Microsoft channel chief Rodney Clark is leaving the company, Microsoft announced Monday.