Security News > 2020 > December > Microsoft Office security updates fix critical SharePoint RCE bugs
Microsoft has addressed critical remote code execution vulnerabilities in multiple SharePoint versions with this month's Office security updates.
Redmond also issued the December 2020 Patch Tuesday security updates, with security updates for 58 vulnerabilities, nine of them rated as Critical.
The highlights of this month's Microsoft Office security updates are without a doubt the two RCE security bugs affecting Microsoft SharePoint.
Security updates published as part of the December 2020 Patch Tuesday address bugs that could allow remote code execution on Windows systems running vulnerable Click to Run and Microsoft Installer-based editions of Microsoft Office products.
Microsoft Office security updates are delivered through the Microsoft Update platform and via the Download Center.
News URL
Related news
- Microsoft 365 outage takes down Office web apps, admin center (source)
- Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities (source)
- Apache issues patches for critical Struts 2 RCE bug (source)
- Critical security hole in Apache Struts under exploit (source)
- Microsoft fixes bug behind random Office 365 deactivation errors (source)
- Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API (source)
- The ongoing evolution of the CIS Critical Security Controls (source)
- Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Microsoft 365 apps crash on Windows Server after Office update (source)