Warning: Vulnerability in Microsoft SharePoint Could Allow Elevation of Privilege

If you are running your own SharePoint infrastructure, you should take a look at a Security Advisory: http://www.microsoft.com/technet/security/advisory/983438.mspx

Microsoft is investigating new public reports of a possible vulnerability in Microsoft Windows SharePoint Services 3.0 and Microsoft Office SharePoint Server 2007. The vulnerability could allow an attacker to run arbitrary script that could result in elevation of privilege within the SharePoint site, as opposed to elevation of privilege within the workstation or server environment.

Affected Products: WSS V3 and MOSS 2007

Not affected Products: WSS V2 /SharePoint Portal Server 2003 and older products and SharePoint 2010

Suggested Action

Restrict Access to SharePoint Help.aspx

An administrator can apply an access control list to SharePoint Help.aspx to ensure that they can no longer be loaded. This effectively prevents exploitation of the vulnerability using this attack vector.

To restrict access to the vulnerable Help.aspx:

Run the following commands from a command prompt:
cacls “%ProgramFiles%\Common Files\Microsoft Shared\Web Server Extensions\12\TEMPLATE\LAYOUTS\Help.aspx” /E /P everyone:N
cacls “%ProgramFiles(x86)%\Common Files\Microsoft Shared\Web Server Extensions\12\TEMPLATE\LAYOUTS\Help.aspx” /E /P everyone:N