A security vulnerability has been detected on Windows SharePoint Service 3.0 and MOSS 2007.

This vulnerability may allow remote attacker to inject arbitrary code. This infect the _layouts/help.aspx.

Microsoft is currently investigating to provide a solution. During this time, a workaround has been provided http://www.microsoft.com/technet/security/advisory/983438.mspx