Site icon Liquidmatrix Security Digest

Microsoft Investigating SharePoint 2007 0-Day

Whoops. It would appear that there’ll be some pizzas ordered tonight in Redmond.

From Computer World:

Microsoft is scrambling to fix a bug in its SharePoint 2007 groupware after a Swiss firm abruptly released code that could be used in an attack.

The proof-of-concept code was released Wednesday, just over two weeks after security consultancy High-Tech Bridge says it disclosed the issue to Microsoft on April 12.

Although Microsoft hasn’t said much about the seriousness of the bug, security experts worry that hackers could exploit the flaw in order to steal sensitive corporate information used by SharePoint customers, who use the software for building Web portals and collaborating on internal projects.

If I had any free time I’d be digging into this story more. AUGH!

Article Link

Exit mobile version