Microsoft has addressed critical remote code execution vulnerabilities in multiple SharePoint versions with this month’s Office security updates.
In total, this month the company released 23 security updates and 5 cumulative updates for 7 different products, fixing 9 vulnerabilities that could allow attackers to execute arbitrary code remotely on vulnerable systems.
Redmond also issued the December 2020 Patch Tuesday security updates, with security updates for 58 vulnerabilities, nine of them rated as Critical.
Non-security Windows updates were also released with the Windows 10 KB4592449 and KB4592438 cumulative updates.
The highlights of this month’s Microsoft Office security updates are without a doubt the two RCE security bugs affecting Microsoft SharePoint.
While the first one tracked as CVE-2020-17121 requires attackers to have basic user privileges for exploitation, the second one tracked as CVE-2020-17118 can be exploited remotely without authentication.
For successfully exploiting CVE-2020-17118 in low complexity attacks, attackers are also required to trick targets into opening maliciously crafted Office files.
Based on the information provided by Microsoft in the security advisory, CVE-2020-17118 proof-of-concept exploit code is also available (although probably shared privately) —
Also Read: How a Smart Contract Audit Works and Why it is Important
The bug was discovered by Jonathan Birch, a Senior Security Software Engineer with the Microsoft Office Security Team and it affects Microsoft SharePoint Server 2019, Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Foundation 2013 Service Pack 1, and Microsoft SharePoint Foundation 2010 Service Pack 2.
“The code or technique is not functional in all situations and may require substantial modification by a skilled attacker,” Microsoft explains.
Security updates published as part of the December 2020 Patch Tuesday address bugs that could allow remote code execution (RCE) on Windows systems running vulnerable Click to Run and Microsoft Installer (.msi)-based editions of Microsoft Office products.
The 9 RCE bugs patched this month are rated by Microsoft as Critical or Important severity issues as they may allow attackers to execute arbitrary code in the context of the current user after successful exploitation.
The attackers could then install malicious programs, view, change, and delete data, as well as create rogue admin accounts on the compromised Windows devices.
| Tag | CVE ID | Title | Severity |
| Microsoft Office | CVE-2020-17130 | Microsoft Excel Security Feature Bypass Vulnerability | Important |
| Microsoft Office | CVE-2020-17128 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2020-17129 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2020-17124 | Microsoft PowerPoint Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2020-17123 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2020-17119 | Microsoft Outlook Information Disclosure Vulnerability | Important |
| Microsoft Office | CVE-2020-17125 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2020-17127 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2020-17126 | Microsoft Excel Information Disclosure Vulnerability | Important |
| Microsoft Office | CVE-2020-17122 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-17115 | Microsoft SharePoint Spoofing Vulnerability | Moderate |
| Microsoft Office SharePoint | CVE-2020-17120 | Microsoft SharePoint Information Disclosure Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-17121 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical |
| Microsoft Office SharePoint | CVE-2020-17118 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical |
| Microsoft Office SharePoint | CVE-2020-17089 | Microsoft SharePoint Elevation of Privilege Vulnerability | Important |
Microsoft Office security updates are delivered through the Microsoft Update platform and via the Download Center.
More details about each of them including CVE IDs are available within the knowledge base articles linked below.
To download the December 2020 Microsoft Office security updates, click on the corresponding knowledge base article below and then scroll down to the ‘How to download and install the update‘ section.
Also Read: Data Centre Regulations Singapore: Does It Help To Progress?
| Product | Knowledge Base article title and number |
|---|---|
| Excel 2016 | Security update for Excel 2016 (KB4486754) |
| Office 2016 | Security update for Office 2016 (KB4486757) |
| Outlook 2016 | Security update for Outlook 2016 (KB4486748) |
| PowerPoint 2016 | Security update for PowerPoint 2016 (KB4484393) |
| Product | Knowledge Base article title and number |
|---|---|
| Excel 2013 | Security update for Excel 2013 (KB4493139) |
| Office 2013 | Security update for Outlook 2013 (KB4486732) |
| PowerPoint 2013 | Security update for PowerPoint 2013 (KB4484468) |
| Product | Knowledge Base article title and number |
|---|---|
| Excel 2010 | Security update for Excel 2010 (KB4493148) |
| Office 2010 | Security update for Office 2010 (KB4493140) |
| Office 2010 | Security update for Office 2010 (KB4486698) |
| Outlook 2010 | Security update for Outlook 2010 (KB4486742) |
| PowerPoint 2010 | Security update for PowerPoint 2010 (KB4484372) |
| Product | Knowledge Base article title and number |
|---|---|
| Office Online Server | Security update for Office Online Server (KB4486750) |
| SharePoint Server 2019 | Security update for SharePoint Server 2019 (KB4486751) |
| SharePoint Server 2019 Language Pack | Security update for SharePoint Server 2019 Language Pack (KB4486752) |
| Product | Knowledge Base article title and number |
|---|---|
| SharePoint Enterprise Server 2016 | Security update for SharePoint Enterprise Server 2016 (KB4486753) |
| SharePoint Enterprise Server 2016 | Security update for SharePoint Enterprise Server 2016 (KB4486721) |
| Product | Knowledge Base article title and number |
|---|---|
| Office Web Apps Server 2013 | Security update for Office Web Apps Server 2013 (KB4486760) |
| Project Server 2013 | Cumulative update for Project Server 2013 (KB4486763) |
| SharePoint Enterprise Server 2013 | Cumulative update for SharePoint Enterprise Server 2013 (KB4493137) |
| SharePoint Foundation 2013 | Cumulative update for SharePoint Foundation 2013 (KB4486761) |
| SharePoint Foundation 2013 | Security update for SharePoint Foundation 2013 (KB4493138) |
| SharePoint Foundation 2013 | Security update for SharePoint Foundation 2013 (KB4486696) |
| Product | Knowledge Base article title and number |
|---|---|
| Project Server 2010 | Cumulative update for Project Server 2010 (KB4493144) |
| SharePoint Foundation 2010 | Security update for SharePoint Foundation 2010 (KB4493149) |
| SharePoint Server 2010 | Cumulative update for SharePoint Server 2010 (KB4493146) |
| SharePoint Server 2010 | Security update for SharePoint Server 2010 (KB4486697) |
| SharePoint Server 2010 Office Web Apps | Security update for SharePoint Server 2010 Office Web Apps (KB4486704) |
Established in 2018, Privacy Ninja is a Singapore-based IT security company specialising in data protection and cybersecurity solutions for businesses. We offer services like vulnerability assessments, penetration testing, and outsourced Data Protection Officer support, helping organisations comply with regulations and safeguard their data.
Singapore
7 Temasek Boulevard,
#12-07, Suntec Tower One,
Singapore 038987
