Skip to navigation
   
Davey Winder's Blog
RSS

No SharePoint fix any time soon

By Davey Winder in Editorial

Posted in SharePoint, Microsoft on September 9, 2007 at 11:59 am

Permalink | Author Profile

You would think that a flaw in something like the SharePoint software that is important enough to be rated, well, important, by Microsoft would be high on the list of priorities to fix. You would have thought that this privilege flaw, that might give a would be attacker access to resources they should not be able to see would be rolled out in the September updates. You could expect users of Windows SharePoint Services 3.0 on Windows Server 2003 and Office SharePoint server 2007 to be a little miffed if Microsoft was to decline to roll out said fix in September, when it had been slated for release then. And I will put money on said users being not at all happy at Microsoft for declining to comment if the patch will be available in October, or November, or ever for that matter.

Sure, we all know that Microsoft has something of a problem in getting fixes out in a timely manner, usually blaming quality control issues. Sure , we all know that there are millions of lines of code to work through, and that any fix has to be tested to ensure it maintains compatibility with other applications.

But we also all know that another month delayed means there is another month for the bad guys to exploit the vulnerability and make life difficult for all of us. It is not as if this is a newly discovered flaw after all, it was disclosed to the public way back in May.
Perhaps we can just be grateful that, as far as the security vendors I have spoken to at least, there have been no known exploits as a result. Known is the key word there, as the whole security exploit sector is one lived in dark corners and spoken about in whispers.

Roll on Tuesday October 9th, and hopefully Microsoft will roll out the SharePoint patch at long last.

12345
Not yet rated
Loading ... Loading ...

Previous Post | Next Post

 
 
Comments

Trackback by Nick Tito - February 9, 2012 on 8:07 am

will smith greatest hits flac…

[…]the basis for a lot of practices whether alone or likeĀ […]…

Make a comment

* required

* required

We stop spam using reCaptcha.
Type the words below and click Submit Comment.

   
Tag cloud

scan Top 500 prison fun Voice patch management search standards Big Brother IP Architecture Government tax development iPhone 3GS wifi Retail smartphone crime Project Internet Jobs migration CAPTCHA ecommerce Trousers OCR dumb compromise Networks Parenting MSNBC data sick Eee PC theft hardware information Zango Gartner Psion money Video graphics Mobile Phone Internet Explorer e-commerce IBM hacker Ballmer cloud SSL virus remote working productivity Banned Space Mars mail report Apple family e Music avatar Vista GMail Europe worm Acer Research adware email iPad meme politics malware shopping App Store Steve Ballmer IDC credit card fraud web IT Psychic iPod virtual world encryption McKinnon help fool Mafia Twitter AMD universe workplace Browsers security botnet Steve Jobs Guardian services Blog social networking Health Rant innovation Scotland rootkits Texas Instruments service Sony Web Development RAM credit crunch symantec Tesco Performance computing Army web 2.0 computers Sex banking trust gaming Intel teleworking Microchip network biometrics hypervisor black hat spending Obama VPN storage XP hubdub RATM Military Study Deal code EU console debian books second life spam Children Dell Lotus Johnny Depp BOFH millions news survey ISP fake data protection YouTube Top 10 archiving OS economics statistics Rumour Meh digitise Addiction Google home Windows 7 Gateway Battery Spotify disclosure GSM NBC Energy FBI App Apps Eee Hack Application Media SMS world of warcraft printing monetisation Enterprise China Texting Programming games Firefox management support Business Kaspersky Russia broadband Kindle InfoSec Palm Kin BSI office green Browser nightmare Backlash Software privacy ID Theft DNS Election science Conference Digital Footprint open source Porn museum snooping terrorism Analysis Gadget ASUS Nintendo Michael Jackson HPC Pirate Recall VM USA banks football Harry Potter Bill Gates Palm Pre scam global Advertising VeriSign virtual machine students Experiment Beta technology Jesus Phone computing stupid ROFL law memory campaign Supercomputer eBook MiniBook staffing phishing virtualisation computer Adobe Data Centre Madness linkedin Game NASA Kill Switch Yahoo christmas payment server scareware economy Press policy desktop poll stupidity Trojan man-in-the-middle Paris Hilton chips MessageLabs Finjan Cisco work earth hour Linux gadgets Patents Windows Phone 7 Series carbon copy ISPA iPhone Microsoft Amazon admin fraud MSN iPhone 3G Review Android The Federation Funny Digg xmas Noro Developers mobile Olympics library copyright Employment Mobile Phones Licensing lawsuit remote Windows parental control Netbook Nexus hoax Silverlight PS3 School Education surveys outsourcing hacking Opinion exploit Geeks Facebook betting recession size Flash Notebooks tech Marketing transactional security President acquisition patent worker Google Earth documentation HP payments Blogging holidays environment Death
Advertisement

   
Archives

   
Most commented posts

   
Highest Rated Blog Posts

Advertisement