Thanks to Benjamin Niaulin for Sharing this on Twitter!
It’s patch Tuesday and Microsoft released a Critical Security Bulletin about a SharePoint bug which could an allow an attacker elevated access to your SharePoint Server.
This security update resolves four privately reported vulnerabilities in Microsoft SharePoint and Microsoft SharePoint Foundation. The most severe vulnerabilities could allow elevation of privilege if a user clicks a specially crafted URL that takes the user to a targeted SharePoint site.
This security update is rated Critical for all supported editions of Microsoft SharePoint Server 2010 and rated Important for all supported editions of Microsoft SharePoint Foundation 2010. For more information, see the subsection, Affected and Non-Affected Software, in this section.
The security update addresses the vulnerabilities correcting the way that Microsoft SharePoint Server validates URLs and user input. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.
You can read more about it here: http://technet.microsoft.com/en-us/security/bulletin/ms13-024#section6
Leave a comment and don’t forget to like us on Facebook here and to follow me on Google+ here and on Twitter here for the latest news and technical articles on SharePoint. Also, don’t forget to check the SharePoint Community Partners list for other great SharePoint Sites, and vote for my blog if you like my content!