Barney's Blog

Blog archive

SharePoint Security Snafu

SharePoint Services 3.0 and Office SharePoint Server 2007 are both affected by an elevation of privileges flaw.

Similar to a recently announced IE 8 flaw, hackers use cross-site scripting to wage attacks. Here, malicious code is embedded into SharePoint-based Web pages. Similar to phishing scams, users are led to these sites through spam.

The lesson here? Don't just rely on patches, but train you end users to avoid clicking anything that is the least bit suspect.

Do you train your users in security? Does it work? Share your best advice with us by writing to [email protected]

Posted by Doug Barney on May 05, 2010 at 11:53 AM


Featured

  • The 2021 Microsoft Product Roadmap

    From Windows 10X to the next generation of Microsoft's application server products, here are the product milestones coming down the pipeline in 2021.

  • Microsoft Says System Center 2022 Will Arrive Early Next Year

    Microsoft is planning to release its new System Center product in the first quarter of 2022, with a private preview arriving within months.

  • Microsoft Talks Up Windows Server 2022's Azure Integrations

    Windows Server became available on Sept. 1; last week, Microsoft gave the product its official unveiling, focusing on all of the other products and services it will work with.

  • 2021 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.