Severity Rating: Critical
Revision Note: V1.3 (November 6, 2013): Corrected the product name for the Microsoft Office Web Apps Server 2013 (2817305) update. This is an informational change only. There were no changes to the update files or detection logic. Customers who have not applied the 2817305 update should reevaluate the applicability of the update for their environments based on the corrected information.
Summary: This security update resolves one publicly disclosed vulnerability and nine privately reported vulnerabilities in Microsoft Office Server software. The most severe vulnerability could allow remote code execution in the context of the W3WP service account if an attacker sends specially crafted content to the affected server.
Powered by WPeMatico