MS07-059: Vulnerability in Windows SharePoint Services 3.0 and in SharePoint Server 2007 could result in elevation of privilege within the SharePoint site

This article has been archived. It is offered "as is" and will no longer be updated.
Microsoft has released security bulletin MS07-059. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites:
More information

Known issues with this security update

  • After you install this update, the title of the SharePoint site in Welcome e-mail messages becomes an invalid hyperlink. This hyperlink points to the relative URL of the Home Page of the SharePoint site.

    Note The Welcome e-mail message is sent when an account is added to a SharePoint group. For example, if the account is added to a group on the root of the site, the title of the site in the e-mail will be a hyperlink that points to "/." If the account is added to a group on a sub-site, the hyperlink resembles the following:
For more information about known issues with this update, see the following articles in the Microsoft Knowledge Base:
934525 Description of the security update for Windows SharePoint Services 3.0: October 9, 2007
937832 Description of the security update for SharePoint Server 2007: October 9, 2007
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000

Article ID: 942017 - Last Review: 01/16/2015 02:32:35 - Revision: 5.0

Microsoft Office SharePoint Server 2007, Microsoft Windows SharePoint Services 3.0

  • kbnosurvey kbarchive kbexpertisebeginner kbqfe kbsecurity kbsecbulletin kbsecvulnerability kbbug kbfix KB942017