Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB4493161
HistoryJan 12, 2021 - 8:00 a.m.

Description of the security update for SharePoint Server 2019 Language Pack: January 12, 2021

2021-01-1208:00:00
Microsoft
support.microsoft.com
24

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.133 Low

EPSS

Percentile

95.5%

JSON

Description of the security update for SharePoint Server 2019 Language Pack: January 12, 2021

Summary

This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2021-1715 and Microsoft Common Vulnerabilities and Exposures CVE-2021-1716.

Note To apply this security update, you must have the release version of SharePoint Server 2019 installed on the computer.

Improvements and fixes

This security update contains fixes for the following nonsecurity issues. To fix these issues completely, you have to install KB 4493162 together with this update:

  • Fixes an issue in which the navigation pane doesn’t have sufficient color contrast.
  • Fixes an issue in which focus isn’t visible in the navigation pane when you use the up and down arrow keys while the High Contrast setting mode is ON…
  • Fixes a self-service site creation form render issue at different zoom levels.
  • Fixes an issue in which the people search results don’t show the correct profile photos on modern search result pages.
  • Fixes an issue in which switching the search scope from all sites to the current site generates error messages on the current site page.
  • Fixes an issue in which the words Share '<Site Collection Name>’ in a sharing dialog box are displayed in a window that has scrollbars.
  • Fixes an issue in which elements that have an ARIA role don’t have all required ARIA attributes.
  • Fixes an issue in which a role attribute in a DocumentCard element doesn’t use a valid value.
  • Fixes an issue in which a role attribute in a DocumentCardActivity element doesn’t have a valid value.
  • Fixes an accessibility issue in which the parent and child role relationship doesn’t match in the β€œHighlighted Content” webpart.
  • Fixes an accessibility issue in which the parent and child role relationship doesn’t match in β€œNews and Activity” webparts.
  • Fixes an accessibility issue in which the parent and child role relationship doesn’t match on the β€œCommunication Site” home page.
  • Fixes an issue in which the β€œaria-label” accessibility attribute is not localized on modern sites.
  • Fixes an accessibility issue in which some buttons don’t have discernible text.
  • Fixes accessibility issues on ARIA roles of modern search filters.
  • Fix an accessibility issue on modern search filters in which the search filter menus lose focus after you switch an option by using the keyboard.
  • Fix an accessibility issue on modern search filters in which the search filter menus automatically expand when you focus it by using the keyboard.
  • Fixes an accessibility issue that the Create Site button in the**Command **bar is not defined in any Landmark.

How to get and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the standalone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the standalone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

More information

Security update deployment information

For deployment information about this update, see security update deployment information: January 12, 2021.

Security update replacement information

This security update replaces previously released security update 4486752.

File hash information

File name SHA1 hash SHA256 hash
wssloc2019-kb4493161-fullfile-x64-glb.exe 2D342BA33EACAD2DDC923CD7847CB26C112D970C 514AC73682A8032FA5C437E4434652EBA1C9D4791E41DF550D06BDF09B01E238

File informationDownload the list of files that are included in security update 4493161.

Information about protection and security

Protect yourself online: Windows Security supportLearn how we guard against cyber threats: Microsoft Security

Related

nessus 10
mskb 12
openvas 5
prion 2
mscve 2
zdi 1
cve 2
kaspersky 1
rapid7blog 1
nessus
nessus
Security Updates for Microsoft Word Products (January 2021)
2021-01-12 00:00:00
Security Updates for Microsoft Word Products C2R (January 2021)
2022-06-10 00:00:00
Security Updates for Microsoft Office Products C2R (January 2021)
2022-06-10 00:00:00
mskb
mskb
Description of the security update for SharePoint Server 2010: January 12, 2021
2021-01-12 08:00:00
Description of the security update for SharePoint Server 2010 Office Web Apps: January 12, 2021
2021-01-12 08:00:00
Description of the security update for Word 2013: January 12, 2021
2021-01-12 08:00:00
openvas
openvas
Microsoft Word 2016 Remote Code Execution Vulnerabilities (KB4493156)
2021-01-13 00:00:00
Microsoft Word 2010 Remote Code Execution Vulnerabilities (KB4493145)
2021-01-13 00:00:00
Microsoft Word 2013 Remote Code Execution Vulnerabilities (KB4486764)
2021-01-13 00:00:00
prion
prion
Remote code execution
2021-01-12 20:15:00
Remote code execution
2021-01-12 20:15:00
mscve
mscve
Microsoft Word Remote Code Execution Vulnerability
2021-01-12 08:00:00
Microsoft Word Remote Code Execution Vulnerability
2021-01-12 08:00:00
zdi
zdi
Microsoft Word DOC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
2021-01-14 00:00:00
cve
cve
CVE-2021-1715
2021-01-12 20:15:00
CVE-2021-1716
2021-01-12 20:15:00
kaspersky
kaspersky
KLA12042 Multiple vulnerabilities in Microsoft Office
2021-01-12 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - January 2021
2021-01-12 23:59:00

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.133 Low

EPSS

Percentile

95.5%

JSON
Related for KB4493161
nessus10mskb12openvas5prion2mscve2zdi1cve2kaspersky1rapid7blog1