Home / bulletins MS11-074 - Important : Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2451858) - Version: 1.3
Posted on 11 October 2011
ImportantSeverity Rating: Important
Revision Note: V1.3 (October 11, 2011): Announced changes to detection logic for some affected configurations. There were no changes to the security update files. See the Update FAQ for details.
Summary: This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in Microsoft SharePoint and Windows SharePoint Services. The most severe vulnerabilities could allow elevation of privilege if a user clicked on a specially crafted URL or visited a specially crafted Web site. For the most severe vulnerabilities, Internet Explorer 8 and Internet Explorer 9 users browsing to a SharePoint site in the Internet Zone are at a reduced risk because, by default, the XSS Filter in Internet Explorer 8 and Internet Explorer 9 helps to block the attacks in the Internet Zone. The XSS Filter in Internet Explorer 8 and Internet Explorer 9, however, is not enabled by default in the Intranet Zone.Other versions
- MS11-074 - Version: 1.0
- MS11-074 - Version: 1.1
- MS11-074 - Version: 1.2
- MS11-074 - Version: 1.3
