Home / bulletins MS11-074 - Important : Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2451858) - Version: 1.2
Posted on 22 September 2011
There is an newer version: MS11-074 - Version: 1.3
ImportantSeverity Rating: Important
Revision Note: V1.2 (September 21, 2011): Removed erroneous reference to Microsoft Knowledge Base Article 2553001 in the deployment reference table for Microsoft Groove Server 2007. This is an informational change only. There were no changes to the security update files or detection logic.
Summary: This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in Microsoft SharePoint and Windows SharePoint Services. The most severe vulnerabilities could allow elevation of privilege if a user clicked on a specially crafted URL or visited a specially crafted Web site. For the most severe vulnerabilities, Internet Explorer 8 and Internet Explorer 9 users browsing to a SharePoint site in the Internet Zone are at a reduced risk because, by default, the XSS Filter in Internet Explorer 8 and Internet Explorer 9 helps to block the attacks in the Internet Zone. The XSS Filter in Internet Explorer 8 and Internet Explorer 9, however, is not enabled by default in the Intranet Zone.Other versions
- MS11-074 - Version: 1.0
- MS11-074 - Version: 1.1
- MS11-074 - Version: 1.2
- MS11-074 - Version: 1.3
