SharePoint Security Snafu -- Redmond Channel Partner

Barney's Blog

SharePoint Security Snafu

SharePoint Services 3.0 and Office SharePoint Server 2007 are both affected by an elevation of privileges flaw.

Similar to a recently announced IE 8 flaw, hackers use cross-site scripting to wage attacks. Here, malicious code is embedded into SharePoint-based Web pages. Similar to phishing scams, users are led to these sites through spam.

The lesson here? Don't just rely on patches, but train you end users to avoid clicking anything that is the least bit suspect.

Do you train your users in security? Does it work? Share your best advice with us by writing to dbarney@redmondmag.com.

Posted by Doug Barney on May 05, 2010 at 11:53 AM

Featured

Microsoft Readies Raft of Updates to Office 365 and Azure Tools

Organizations using Office 365 and Azure solutions can expect several tooling updates from Microsoft starting this month.
2019 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss this year.
The 2019 Microsoft Product Roadmap

From the next major update to Windows 10 to the next generation of HoloLens, here's what's on tap from Microsoft this year.
Microsoft Unveils Service To Keep Azure Connections Private

Azure Private Link, a new service designed to keep Azure service connections off the public Internet, is now available from Microsoft as a preview.