Security News > 2020 > December > Microsoft Office security updates fix critical SharePoint RCE bugs
Microsoft has addressed critical remote code execution vulnerabilities in multiple SharePoint versions with this month's Office security updates.
Redmond also issued the December 2020 Patch Tuesday security updates, with security updates for 58 vulnerabilities, nine of them rated as Critical.
The highlights of this month's Microsoft Office security updates are without a doubt the two RCE security bugs affecting Microsoft SharePoint.
Security updates published as part of the December 2020 Patch Tuesday address bugs that could allow remote code execution on Windows systems running vulnerable Click to Run and Microsoft Installer-based editions of Microsoft Office products.
Microsoft Office security updates are delivered through the Microsoft Update platform and via the Download Center.
News URL
Related news
- Microsoft Is Disabling Default ActiveX Controls in Office 2024 to Improve Security (source)
- Microsoft Office 2024 now available for Windows and macOS users (source)
- Microsoft SharePoint RCE flaw exploits in the wild – you've had 3 months to patch (source)
- Microsoft SharePoint RCE bug exploited to breach corporate network (source)
- Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes (source)
- Week in review: Veeam Backup & Replication RCE could soon be exploited, Microsoft fixes 4 0-days (source)
- D-Link fixes critical RCE, hardcoded password flaws in WiFi 6 routers (source)
- Microsoft rolls out Office LTSC 2024 for Windows and Mac (source)
- Exploit code released for critical Ivanti RCE flaw, patch now (source)
- SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks (source)