Light Microsoft Patch Tuesday will not include a fix for Sharepoint

News

Light Microsoft Patch Tuesday will not include a fix for Sharepoint

Warwick Ashford

Microsoft is to issue only two software fixes in its Patch Tuesday monthly security update on 11 May, according to the advance bulletin.

One is rated "critical" for versions of the Windows operating system except Windows 7 and Windows 2008 R2, for which the rating is "important".

This demonstrates the consistently better showing of Microsoft's newer operating systems, said Wolfgang Kandek, chief technology officer at security firm Qualys.

The second patch will be for Office, where all versions are affected and it is rated "important".

But it is rated "critical" for Visual Basic for Applications and its software developers kit, said Kandek.

Microsoft has notified customers the May security update will not include a fix for the vulnerabilities found in Sharepoint 2007 as they are still working on an update.

"It seems likely that we can instead expect an out-of-band patch this month for Sharepoint given the critical nature of the cross-site scripting vulnerability, said Alan Bentley, vice-president international at security firm Lumension

This vulnerability threatens sensitive corporate information housed on the enterprise content management system, he said.

Microsoft is recommending applying workarounds until a fix is released to restrict access to the Help functionality in Sharepoint.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy