Microsoft Bulletin MS2013-067 – SharePoint 2013 Online

Microsoft Bulletin MS2013-067 – SharePoint 2013 Online

This week microsoft published the new security bulletins of 2013 september. In February the issue has been reported to the microsoft security response centers responsible - public disclosure program. The issue was for fail publish 2 month ago without full details, references and ids. After a little patch of our internal disclosure procedure system, microsoft accepted the issue for the bulletin program acknowledgment. The vulnerability was created to confirm the exist of the possibility to inject script code to elevate the sharepoint online 2013 software user privileges. The inject comes up from the online service and gets executed persistent in the software core.

Lets review first the full update listing of the september #1 security bulletins with id and severity.


Subscribe to RSS - Videos