Microsoft offered an interim work-around for a SharePoint bug that involved disabling access to the help system by running a pair of commands from the command prompt. The commands modify the access control list (ACL), Windows list of file access permissions. An attacker stole FireEye s Red Team assessment tools that the company uses to test its customers security. The phones of 36 journalists were infected by four APTs, possibly linked to Saudi Arabia or the UAE. Read the full article.
Source: https://threatpost.com/ms-offers-sharepoint-zero-day-workaround-043010/73905/