Posted September 14, 201113 yr Severity Rating: Important Revision Note: V1.1 (September 13, 2011): Added update link and package information for the Microsoft Office SharePoint Server 2010 and Microsoft Office SharePoint Server 2010 Service Pack 1 (pplwfe) (KB2560890) update. This is an informational change only. There were no changes to the security update files or detection logic. Summary: This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in Microsoft SharePoint and Windows SharePoint Services. The most severe vulnerabilities could allow elevation of privilege if a user clicked on a specially crafted URL or visited a specially crafted Web site. For the most severe vulnerabilities, Internet Explorer 8 and Internet Explorer 9 users browsing to a SharePoint site in the Internet Zone are at a reduced risk because, by default, the XSS Filter in Internet Explorer 8 and Internet Explorer 9 helps to block the attacks in the Internet Zone. The XSS Filter in Internet Explorer 8 and Internet Explorer 9, however, is not enabled by default in the Intranet Zone. Read Bulletin
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.