Microsoft Warns - Zero-day Vulnerability in SharePoint Server

According to a security advisory that Microsoft issued in the last week of April 2010, SharePoint users must be wary of a zero-day vulnerability.

According to Microsoft, the flaw could be misused to launch a browser-based attack. The vulnerability lets hackers launch elevation-of-privilege attacks within the SharePoint website, as opposed to elevation-of-privilege attacks in the server environment or workstation.

During the attack, cyber crooks could gain access to SharePoint Server by crafting and forwarding an infected Web link planted in an e-mail, usually through some type of social engineering scheme aimed at an organization's users. A victim would download the malicious code by clicking on the infected link.

Another advisory was issued by security researchers at the Switzerland-based security firm 'High-Tech Bridge SA.' The firm first spotted the vulnerability in SharePoint and said that cyber crooks could easily gain admission into the SharePoint Server with the help of this flaw and take control of highly critical data, including intellectual property and corporate assets.

The security firm added that hackers who exploited this vulnerability would easily compromise the application, steal cookie-based authentication credentials, and reveal or change sensitive data.

Notably, the software giant didn't give more information regarding other types of possible attacks or the implications and severity of this vulnerability.

The vulnerability could be attributed to the failure of the "/_layouts/help.aspx" script to adequately sanitize the input supplied by the user in the "cid0" variable. Proof-of-concept code is publicly available, and SharePoint Services 3.0 and SharePoint Server 2007 are highly affected.
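For defenders, one way to review web server logs for requests that abuse this parameter is sketched below. It is an added example, not code from Microsoft, High-Tech Bridge, or the original article; the log excerpt is constructed, and the rule that a legitimate "cid0" value contains only letters, digits, dots, underscores and hyphens is an assumption.

```python
import re
from urllib.parse import parse_qsl, unquote

# Constructed IIS W3C log excerpt (not real traffic); IPs are documentation ranges.
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2010-05-03 09:14:02 192.0.2.10 GET /_layouts/help.aspx Lcid=1033&cid0=MS.WSS.manifest.xml 200
2010-05-03 09:15:40 198.51.100.7 GET /_layouts/help.aspx cid0=%3Cscript%3Ealert(1)%3C%2Fscript%3E 200
2010-05-03 09:16:11 198.51.100.7 GET /sites/hr/_layouts/Help.aspx CID0=%253Cscript%253Ealert(1)%253C%252Fscript%253E 200
2010-05-03 09:17:05 192.0.2.11 GET /_layouts/viewlsts.aspx - 200
"""

TARGET = "/_layouts/help.aspx"   # script named in the advisory
PARAM = "cid0"                   # parameter named in the advisory
# Assumption: a legitimate value is a plain identifier or file name.
SAFE_VALUE = re.compile(r"[A-Za-z0-9._-]*")

def fully_decode(value, max_rounds=5):
    """Percent-decode repeatedly so double-encoded markup is still seen."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_requests(log_text):
    """Return (client_ip, decoded value) for help.aspx hits whose cid0 is not a plain name."""
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]   # column names for the rows that follow
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        if not row.get("cs-uri-stem", "").lower().endswith(TARGET):
            continue
        query = row.get("cs-uri-query", "-")
        if query == "-":
            continue
        for key, value in parse_qsl(query, keep_blank_values=True):
            value = fully_decode(value)
            if key.lower() == PARAM and not SAFE_VALUE.fullmatch(value):
                hits.append((row.get("c-ip", "-"), value))
    return hits

if __name__ == "__main__":
    for ip, value in suspicious_requests(SAMPLE_LOG):
        print(f"{ip} sent unexpected {PARAM} value: {value!r}")
```

The allowlist approach flags any value containing markup or quoting characters rather than looking for one specific payload, so it also catches encoded variants.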

Jerry Bryant, Group Manager of Response Communications at Microsoft, said that the company was not aware of any active attacks trying to exploit the vulnerability, according to news published by SearchSecurity on May 3, 2010.

According to Jason Miller, Data and Security Team Manager for patch management firm Shavlik Technologies, the worst case with this flaw is that the hacker actually gets an individual to phish a malicious link, which would allow the attacker to execute arbitrary SharePoint Server or JavaScript, as reported by ChannelWeb on April 30, 2010.


» SPAMfighter News - 5/12/2010
