Microsoft released 'MS10-030 and MS10-031' bulleting and Security Advisory 983438 addressing XSS vulnerability in SharePoint Server

Microsoft released two security bulletins, “MS10-030 is a Windows-based update resolving one vulnerability affecting Outlook Express, Windows Mail and Windows Live Mail. Windows 2000, XP, Vista, Server 2003, and Server 2008 all have a severity rating of Critical. Windows 7 and Windows Server 2008 R2 are rated Important when an affected mail client is installed. […]

Microsoft released two security bulletins, “MS10-030 is a Windows-based update resolving one vulnerability affecting Outlook Express, Windows Mail and Windows Live Mail. Windows 2000, XP, Vista, Server 2003, and Server 2008 all have a severity rating of Critical. Windows 7 and Windows Server 2008 R2 are rated Important when an affected mail client is installed. And, MS10-031 addresses one vulnerability in Microsoft Visual Basic for Applications (VBA). This security update is rated Critical for Microsoft VBA SDK 6.0 and third-party applications that use Microsoft VBA.Our deployment priority guidance reflects the reduced exploitability index ratings for these bulletins. We have also provided the usual Risk & Impact slide showing the aggregate severity and exploitability index ratings. Security Advisory 983438 is available and includes workarounds for customers regarding a cross-site scripting (XSS) vulnerability in SharePoint Server. We’re not aware of any active attacks at this time and we’ll continue to monitor the threat landscape and post an updated security advisory should it be needed,” writes Microsoft.

Get Microsoft Silverlight

[Source]