New SharePoint bug opens corporations to data loss risk

Microsoft warned Thursday of a cross-site scripting (XSS) vulnerability in its business collaboration platform SharePoint that could allow attackers to elevate privileges and steal sensitive data.

Users running Windows SharePoint Services 3.0 or Microsoft Office SharePoint Server 2007 are affected.

The flaw was disclosed to Microsoft earlier this month by Swiss security firm High-Tech Bridge. On Wednesday, the company, whose policy is to go public with bug details two weeks after notifying the vendor, issued an advisory that included a link to proof-of-concept code exploiting the vulnerability.

According to High-Tech Bridge, the vulnerability stems from a SharePoint script that fails to properly sanitize user-supplied input before reflecting it back into a page. It could be exploited if an attacker can get a victim to click a specially crafted link; the injected script then runs in the victim's browser with the victim's SharePoint session. A successful exploit could yield the victim's credentials to the attacker or, worse, sensitive data residing within SharePoint.

High-Tech Bridge's disclosure forced Microsoft to respond, and on Thursday evening it released its own advisory with suggested workarounds, such as restricting access to the SharePoint help.aspx XML files. Internet Explorer 8 users should also ensure the browser's XSS filter is enabled to mitigate the threat, the advisory said. Note that the filter is a client-side mitigation for that one browser, not a fix; users of other browsers depend on the access restriction until a patch ships.

The software giant is not aware of any in-the-wild attacks exploiting the vulnerability, Jerry Bryant, group manager of response communications, said in a Thursday blog post.

Microsoft is next scheduled to release security updates on May 11.
