Wifi Password Recovery - UTM - Vulnerability Scanning


VIP LOUNGE
CLOUD LOGIN
Sun Sun Sun

You are here: News > News > Cross-site scripting error discovered by Microsoft

» IT Security NEWS
 
» 02 May 2010
Cross-site scripting error discovered by Microsoft

 

There was a vulnerability found that can threaten the safety of the SharePoint Platform. Hence, the Microsoft Corporation advises the individuals to become cautious especially with the presence of this hole.
Holes on the product are not yet exploited
According to what Microsoft discovered, the components of their products SharePoint Server 2007 and the SharePoint Services 3.0 possess a flaw making it susceptible to attacks that involve cross-site scripting. It is reassuring that Microsoft Corporation has not received complaints from any of the users of their goods regarding the utilization of the flaw in the criminal attacks.
Negative impact might actually arise
Even though no single attack was recorded ever since the vulnerability was found, there is still a possibility that this hole may be abused. And, there are probable harmful effects once a crook finds its way into abusing the newly-uncovered threat.
When an assailant targets the component of the SharePoint product that is at risk, unwanted results take place. The company finds that it is possible for an online criminal to gain unlawful entry into the SharePoint site with greater benefits through the use of the hole.
Keys for protection are applied
There are ways where one can avoid the exploitation on the flawed components of the two SharePoint products. According to the corporation, the managers who are in-charge with the safety should utilize the access control list on the SharePoint Help.aspx file. This action is one of the ways that can avoid users from accessing and abusing the components that are in danger.
But then, this method also has an unfavorable consequence especially to the other users. Using this means of protection, the help function will no longer be available to the individuals on the damaged site of the SharePoint.
Microsoft Corporation suggested that the security being applied on the Internet Explorer 8 regarding cross-site scripting may also assist in evading the unnecessary attacks on the vulnerability. As of the present, Microsoft is already creating a fix for the vulnerability. And, this patch will be included in the company’s scheduled monthly update for May.
Click on any of the three links to have more knowledge about SecPoint: About SecPoint, SecPoint Press, and SecPoint Awards.

 


Reviews of SecPoint.com
 
 
 
 
 

Awards & Reviews
  

  

Subscribe to our Mailing List

Customer References


About
About
SecPoint
History
Mission Statement
Vision
Management
Investment
Bank
Sponsorship
Certificates
Environment
Environment
What is RoHS Weee?
Accounting
Values
Member of Organisations
Merchandise
SecPoint Certification
Design
Status Information
Hardware Vendors
Jobs
Environment
SecPoint on social media
Twitter Facebook Youtube
Products
Products
Protector
Cloud Protector
Penetrator
Portable Penetrator
Cloud Penetrator
Free IT Security Tools
Pricing
SecPoint Brochures
SecPoint Questions FAQ
SecPoint Datasheets
SecPoint SPID Library


Partners
Partners
Become a SecPoint Affiliate
Become a SecPoint Partner
SecPoint Franchising
SecPoint Partner Lounge
News
News
Press
Product Awards
SecPoint RSS Feeds


Contact
Contact
General Contact
IT Security Products Webshop
Latest SecPoint Software Images Change Log
SecPoint FAQ Frequently Asked Questions
SecPoint on Twitter
SecPoint Sales Training Videos
SecPoint Shipping Cost
SecPoint World Wide Shipping
Support
Solutions
Anti-Spam Appliance
UTM Appliance
Penetration Testing
Proxy Appliance
SAAS
Spam Filters
Vulnerability Assessment
Vulnerability Scanner
Vulnerability Scanning
Vulnerability Scanning Appliance
Web Content Filter
Web Filter Appliance
WiFi Hacking
How essential is vulnerability
management?
What is ...?

Encyclopedia | Free Scan Statement | Link Policy | Privacy Statement | Resources | Sitemap | User Policy
© Copyright 1999-2012: SecPoint®
SecPoint ApS Noerregade 7B - 1165 Copenhagen K - Denmark
US Toll free: +1-888-704-7297 - EU: +45-70-235-245