Microsoft has released a patch for Critical Sharepoint 2010 vulnerability

Microsoft has released a patch for Critical Sharepoint 2010 vulnerability

Thanks to Benjamin Niaulin for Sharing this on Twitter!

It’s patch Tuesday and Microsoft released a Critical Security Bulletin about a SharePoint bug which could an allow an attacker elevated access to your SharePoint Server.

Executive Summary

This security update resolves four privately reported vulnerabilities in Microsoft SharePoint and Microsoft SharePoint Foundation. The most severe vulnerabilities could allow elevation of privilege if a user clicks a specially crafted URL that takes the user to a targeted SharePoint site.

This security update is rated Critical for all supported editions of Microsoft SharePoint Server 2010 and rated Important for all supported editions of Microsoft SharePoint Foundation 2010. For more information, see the subsection, Affected and Non-Affected Software, in this section.

The security update addresses the vulnerabilities correcting the way that Microsoft SharePoint Server validates URLs and user input. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.

You can read more about it here: http://technet.microsoft.com/en-us/security/bulletin/ms13-024#section6

Leave  a comment and don’t forget to like us on Facebook here and to follow me on Google+ here and on Twitter here  for the latest news and technical articles on SharePoint.  Also, don’t forget to check the SharePoint Community Partners list for other great SharePoint Sites, and vote for my blog if you like my content!

No ratings yet.

Please rate this

 
Comments

Does this apply if you are running SharePoint Server 2010 RTM as opposed to Service Pack 1?

Does this apply if you are running SharePoint Server 2010 RTM as opposed to Service Pack 1?

Very good question!, They say: This security update is rated Critical for all supported editions of Microsoft SharePoint Server 2010 . However in Affected software, they only talk about SP1. Hmm, I will ask and get back with the answer!

http://support.microsoft.com/kb/2553407 this says the update applies to Service Pack 1….
“Prerequisites to apply this security update
To apply this security update, you must have Service Pack 1 (SP1) for Microsoft SharePoint Server 2010 installed on the computer.”

Leave a Reply