Lucene search

K
mskbMicrosoftKB4462202
HistoryFeb 12, 2019 - 8:00 a.m.

Description of the security update for SharePoint Enterprise Server 2013: March 12, 2019

2019-02-1208:00:00
Microsoft
support.microsoft.com
1062

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.975 High

EPSS

Percentile

100.0%

Description of the security update for SharePoint Enterprise Server 2013: March 12, 2019

Summary

This security update resolves a remote code execution vulnerability that exists in Microsoft SharePoint if the software does not check the source markup of an application package. To learn more about this vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2019-0604.

Note To apply this security update, you must have the release version of Service Pack 1 for Microsoft SharePoint Server 2013 installed on the computer.

How to get and install the update

Method 1: Microsoft Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the standalone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the standalone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

More Information

Security update deployment information

For deployment information about this update, see security update deployment information: March 12, 2019.

Security update replacement information

This security update replaces previously released security update 4462139.

File hash information

File name SHA1 hash SHA256 hash
coreserverloc2013-kb4462202-fullfile-x64-glb.exe 2C314B87047CBA9846B848F08B65DE8C71F6873D B7ADD4E5CB21A22E9936C616F8AE5CB31B334A83E941FDFF37DC47D28E874531

File informationDownload the list of files that are included in security update 4462202.

How to get help and support for this security update

Help for installing updates: Protect yourself online

Help for protecting your Windows-based computer from viruses and malware: Microsoft Security

Local support according to your country: International Support

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.975 High

EPSS

Percentile

100.0%