Security News > 2020 > December > Microsoft Office security updates fix critical SharePoint RCE bugs
Microsoft has addressed critical remote code execution vulnerabilities in multiple SharePoint versions with this month's Office security updates.
Redmond also issued the December 2020 Patch Tuesday security updates, with security updates for 58 vulnerabilities, nine of them rated as Critical.
The highlights of this month's Microsoft Office security updates are without a doubt the two RCE security bugs affecting Microsoft SharePoint.
Security updates published as part of the December 2020 Patch Tuesday address bugs that could allow remote code execution on Windows systems running vulnerable Click to Run and Microsoft Installer-based editions of Microsoft Office products.
Microsoft Office security updates are delivered through the Microsoft Update platform and via the Download Center.
News URL
Related news
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Microsoft 365 apps crash on Windows Server after Office update (source)
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
- 3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update (source)
- Microsoft ends support for Office apps on Windows 10 in October (source)
- Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation (source)
- Microsoft fixes Office 365 apps crashing on Windows Server systems (source)
- ‘Sneaky Log’ Microsoft Spoofing Scheme Sidesteps Two-Factor Security (source)
- Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs (source)