Security News > 2021 > February > Microsoft Office February security updates patch Sharepoint, Excel RCE bugs

Microsoft has addressed important severity remote code execution vulnerabilities affecting multiple Office products in the January 2021 Office security updates.

Microsoft also released non-security Office updates last week addressing bugs that may lead to PowerPoint crashes and other issues affecting Windows Installer editions of Office 2016, Office 2013, and Office 2010 products.

The company issued the February 2021 Patch Tuesday updates yesterday, with patches for a Windows Win32k elevation of privilege zero-day exploited in the wild and 56 other security vulnerabilities, 11 of them classified as critical severity.

Microsoft urged customers to install security updates for three critical and high severity Windows TCP/IP security bugs as soon as possible due to the elevated exploitation risk and potential denial-of-service attacks that could soon target unpatched systems.

This month's Office security updates address bugs exposing Windows systems running vulnerable Click to Run and Microsoft Installer-based editions of Microsoft Office products to remote code execution, information disclosure, and spoofing attacks.

Microsoft Office security updates can be installed through the Microsoft Update platform or via Microsoft's Download Center.

News URL

https://www.bleepingcomputer.com/news/security/microsoft-office-february-security-updates-patch-sharepoint-excel-rce-bugs/