SharePoint Services 3 multiple cross site scripting vulnerability
The TechNet security bulletin for MS10-072 discusses a solution for SharePoint Services 3.0 for a multiple cross site scripting vulnerability. I have gone through all the solutions suggested. My updates show KB2345304 is installed on the server (Server 2008 R2). I did a workaround suggested for adding loopback host names in a registry setting called BackConnectionHostNames. I ran the SharePoint Technology Configuration Wizard and restarted the server. My server is configured to receive Windows updates automatically and they are all current. Is there anything else I can do to make sure the updates are applied and running for SharePoint Services 3.0 to eliminate this risk?
April 15th, 2011 10:45pm

Hello, thank you for your question. I am trying to involve someone familiar with this topic to further look at this issue. There might be some time delay. Appreciate your patience. Thank you for your understanding and support.
April 18th, 2011 6:50am

Hello, I have a couple of questions to have a better understanding ... Are you having any security issues now with regards to "multiple cross site scripting vulnerability"? Are you trying to find out if your system is secure? Follow this link to find tools which you can use to scan your environment/farm and detect any security issues: <http://technet.microsoft.com/en-us/security/cc297183.aspx#EPC>
Try the following tools: "Microsoft Baseline Security Analyzer", "Windows Server Update Services", "Microsoft Assessment and Planning (MAP) Toolkit for PC Security Assessment", "Microsoft Security Assessment Tool (MSAT)".
Update us if you have any issues from the scan results.
Thanks, Manas
April 19th, 2011 12:23pm

I am trying to get approved for PCI compliance by the vendor performing our scan and we keep failing for this issue. I cannot get the MBSA installed. I downloaded the version MBSA-setup-64-en, and when I try to install it, it returns the error that the installation package is not supported by the processor type. I am installing it on Server 2008 R2, which I was told is 64-bit. So should I try to install the x86 version instead?
April 21st, 2011 6:37pm

Problems with installing MBSA should go to a forum for MBSA - not here. If there isn't an MBSA forum, then a security forum. Here we can just note that you are having problems in installing MBSA, but it's not the job of the SharePoint forums to help you to do so. I.e. post a question to a more suitable forum and let this thread know the result from there.
Moderator pre-SP 2010 forums
SP 2010 "FAQ" (mainly useful links): http://wssv4faq.mindsharp.com/default.aspx
WSS3/MOSS FAQ (FAQ and Links): http://wssv3faq.mindsharp.com/default.aspx
Both also have links to extensive book lists and to (free) on-line chapters
April 21st, 2011 6:49pm

I'm not really asking for help with installing MBSA. I am just informing Manas that it might not be the solution I need. My real problem remains a WSS issue. You once before deleted my posting for help. So I feel like I am going round and round without progress. We are willing to pay for a solution. If you will allow my original question, the details from the vendor suggest a MS patch, but it has not fixed the problem:

Synopsis: The remote host is affected by multiple cross-site scripting vulnerabilities.
Description: The version of SharePoint Services, SharePoint Server installed on the remote host has multiple cross-site scripting vulnerabilities. A remote attacker could exploit them by tricking a user into making a malicious request, resulting in arbitrary script code execution.
See also: http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0179.html
Solution: Microsoft has released a set of patches for SharePoint Services 3.0 and SharePoint Server 2007: http://www.microsoft.com/technet/security/bulletin/ms10-072.mspx
Risk Factor: Medium / CVSS Base Score: 4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score: 4.1 (CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available: true
CVE: CVE-2010-3243, CVE-2010-3324
BID: 42467, 43703
Other references: OSVDB:68548, OSVDB:68123, MSFT:MS10-072

Maybe cross site scripting vulnerabilities have nothing to do with WSS. I don't know. I'm just moving forward with the information they provided that it is specific to SharePoint Services. If the vendor is wrong, please let me know so I can send them your explanation. If they are right, please help me find a solution so we can overcome this risk and be approved for PCI compliance. If I need to pay for someone to remote access and fix this then we will gladly do so, but we have been turned away when we call Microsoft for help and told to post to this forum for a solution. The vendor we are using is called Security Metrics.
April 21st, 2011 7:02pm

Hello, we would need more clarification on certain aspects with regards to your issue. Please let us know the answers to the questions I asked in my post above. Are you having any security issues now with regards to "multiple cross site scripting vulnerability", or are you trying to find out if your system is secure? Please let us know. I understand you followed instructions and applied all updates needed. The security tools I provided a link to before were just to help detect any security issue. From the info you provided, I will need a little bit more environment information for your SharePoint service. What DLL versions do you have for OWSSVR.DLL and MICROSOFT.SHAREPOINT.PORTAL.DLL? You can find this at %systemdrive%\program files\common files\microsoft shared\web server extensions\12\isapi. Please let us know.
Thanks, Manas
May 1st, 2011 4:02pm
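
The file-version check requested in the post above, as an added example that is not part of the original thread and not Microsoft's own tooling. The parameter name, the status labels and the `0.0.0.0` default are this example's assumptions; the patched file version has to be taken from the MS10-072 bulletin because the thread does not state it.

```powershell
param(
    # Placeholder, not a real build number: pass the patched file version
    # listed for your product in the MS10-072 bulletin.
    [version]$MinimumPatchedVersion = '0.0.0.0'
)

# ISAPI folder named in the post above.
$isapi = Join-Path $env:SystemDrive 'Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\ISAPI'
$dlls  = 'OWSSVR.DLL', 'MICROSOFT.SHAREPOINT.PORTAL.DLL'
$noBaseline = ($MinimumPatchedVersion -eq [version]'0.0.0.0')

$results = foreach ($name in $dlls) {
    $path    = Join-Path $isapi $name
    $version = $null
    if (-not (Test-Path -LiteralPath $path)) {
        $status = 'FileNotFound'      # not every installation has both DLLs
    } else {
        $vi = (Get-Item -LiteralPath $path).VersionInfo
        # Use the numeric parts; the FileVersion string can carry extra text.
        $version = New-Object version -ArgumentList $vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart
        if ($noBaseline) { $status = 'NoBaselineSupplied' }
        elseif ($version -ge $MinimumPatchedVersion) { $status = 'AtOrAbovePatched' }
        else { $status = 'BelowPatched' }
    }
    New-Object psobject -Property @{ File = $name; Version = $version; Status = $status }
}

$results | Select-Object File, Version, Status | Format-Table -AutoSize
# Non-zero exit code when any DLL is older than the supplied baseline.
if ($results | Where-Object { $_.Status -eq 'BelowPatched' }) { exit 1 }
```

The resulting table records which binaries are actually on disk, which is the evidence to compare against the bulletin and to hand to a scan vendor when disputing a finding.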

We never succeeded with an automated PCI compliance scan even after making all the suggested changes by the vendor and Microsoft. We finally got resolution by contacting the vendor running the scan for us and making a manual exception to override the results and we passed. So I can only suggest you do the same and hopefully your compliance vendor will give you approval.
July 8th, 2011 9:01pm

This topic is archived. No further replies will be accepted.