Posted June 12, 201212 yr FPCH Admin Severity Rating: Important Revision Note: V1.0 (June 12, 2012): Bulletin published. Summary: This security update resolves one privately reported vulnerability in Microsoft Dynamics AX Enterprise Portal. The vulnerability could allow elevation of privilege if a user clicks a specially crafted URL or visits a specially crafted website. In an email attack scenario, an attacker could exploit the vulnerability by sending an email message that contains the specially crafted URL to the user of the targeted Microsoft Dynamics AX Enterprise Portal site and by convincing the user to click the specially crafted URL. Internet Explorer 8 and Internet Explorer 9 users browsing to a Microsoft Dynamics AX Enterprise Portal site in the Internet Zone are at a reduced risk. By default, the XSS Filter in Internet Explorer 8 and Internet Explorer 9 prevents this attack in the Internet Zone. However, the XSS Filter in Internet Explorer 8 and Internet Explorer 9 is not enabled by default in the Intranet Zone. View this security bulletin Off Topic Forum - Unlike the Rest
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.