Light Microsoft Patch Tuesday will not include a fix for Sharepoint


Light Microsoft Patch Tuesday will not include a fix for Sharepoint

Warwick Ashford

Microsoft is to issue only two software fixes in its Patch Tuesday monthly security update on 11 May, according to the advance bulletin.

One is rated "critical" for versions of the Windows operating system except Windows 7 and Windows 2008 R2, for which the rating is "important".

This demonstrates the consistently better showing of Microsoft's newer operating systems, said Wolfgang Kandek, chief technology officer at security firm Qualys.

The second patch will be for Office, where all versions are affected and it is rated "important".

But it is rated "critical" for Visual Basic for Applications and its software developers kit, said Kandek.

Microsoft has notified customers the May security update will not include a fix for the vulnerabilities found in Sharepoint 2007 as they are still working on an update.

"It seems likely that we can instead expect an out-of-band patch this month for Sharepoint given the critical nature of the cross-site scripting vulnerability, said Alan Bentley, vice-president international at security firm Lumension

This vulnerability threatens sensitive corporate information housed on the enterprise content management system, he said.

Microsoft is recommending applying workarounds until a fix is released to restrict access to the Help functionality in Sharepoint.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy