B
BSchwarz
Guest
Severity Rating: Important
Revision Note: V1.1 (September 13, 2011): Added update link and package information for the Microsoft Office SharePoint Server 2010 and Microsoft Office SharePoint Server 2010 Service Pack 1 (pplwfe) (KB2560890) update. This is an informational change only. There were no changes to the security update files or detection logic.
Summary: This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in Microsoft SharePoint and Windows SharePoint Services. The most severe vulnerabilities could allow elevation of privilege if a user clicked on a specially crafted URL or visited a specially crafted Web site. For the most severe vulnerabilities, Internet Explorer 8 and Internet Explorer 9 users browsing to a SharePoint site in the Internet Zone are at a reduced risk because, by default, the XSS Filter in Internet Explorer 8 and Internet Explorer 9 helps to block the attacks in the Internet Zone. The XSS Filter in Internet Explorer 8 and Internet Explorer 9, however, is not enabled by default in the Intranet Zone.
Read Bulletin
Revision Note: V1.1 (September 13, 2011): Added update link and package information for the Microsoft Office SharePoint Server 2010 and Microsoft Office SharePoint Server 2010 Service Pack 1 (pplwfe) (KB2560890) update. This is an informational change only. There were no changes to the security update files or detection logic.
Summary: This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in Microsoft SharePoint and Windows SharePoint Services. The most severe vulnerabilities could allow elevation of privilege if a user clicked on a specially crafted URL or visited a specially crafted Web site. For the most severe vulnerabilities, Internet Explorer 8 and Internet Explorer 9 users browsing to a SharePoint site in the Internet Zone are at a reduced risk because, by default, the XSS Filter in Internet Explorer 8 and Internet Explorer 9 helps to block the attacks in the Internet Zone. The XSS Filter in Internet Explorer 8 and Internet Explorer 9, however, is not enabled by default in the Intranet Zone.
Read Bulletin
