Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB5001914
HistoryMay 11, 2021 - 7:00 a.m.

Description of the security update for Office Online Server: May 11, 2021 (KB5001914)

2021-05-1107:00:00
Microsoft
support.microsoft.com
14

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.106 Low

EPSS

Percentile

94.9%

JSON

Description of the security update for Office Online Server: May 11, 2021 (KB5001914)

Summary

This security update resolves a Microsoft Excel remote code execution vulnerability and Office information disclosure vulnerability. To learn more, see the following security advisories:

**Note:**To apply this security update, you must have the release version of Microsoft Office Online Server installed on the computer.

How to get and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the standalone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the standalone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

More information

Security update deployment information

For deployment information about this update, see Security update deployment information: May 11, 2021.

Security update replacement information

This security update replaces previously released security update 4504714.

File hash information

File name SHA256 hash
wacserver2019-kb5001914-fullfile-x64-glb.exe C33A6A5F9CF3127354AA4C9F43AB09A2785C6988550B8B200883C3DA41023085

File information

Download the list of files that are included in security update 5001914.

Information about protection and security

Protect yourself online: Windows Security supportLearn how we guard against cyber threats: Microsoft Security

Related

mskb 5
nessus 6
openvas 4
thn 1
prion 5
mscve 5
kaspersky 1
cve 5
zdi 2
rapid7blog 1
qualysblog 1
mskb
mskb
Description of the security update for Excel 2013: May 11, 2021 (KB5001936)
2021-05-11 07:00:00
Description of the security update for Office Web Apps Server 2013: May 11, 2021 (KB5001928)
2021-05-11 07:00:00
Description of the security update for Excel 2016: May 11, 2021 (KB5001918)
2021-05-11 07:00:00
nessus
nessus
Security Updates for Microsoft Excel Products C2R (May 2021)
2022-06-10 00:00:00
Security Updates for Microsoft Excel Products (May 2021)
2021-05-11 00:00:00
Security Updates for Microsoft Office Web Apps (May 2021)
2021-05-11 00:00:00
openvas
openvas
Microsoft Office 2016 Remote Code Execution Vulnerabilities (KB5001923)
2021-05-12 00:00:00
Microsoft Office Remote Code Execution Vulnerabilities (KB5001927)
2021-05-12 00:00:00
Microsoft Excel 2016 Multiple Vulnerabilities (KB5001918)
2021-05-12 00:00:00
thn
thn
New UAF Vulnerability Affecting Microsoft Office to be Patched Today
2021-06-08 10:31:00
prion
prion
Information disclosure
2021-05-11 19:15:00
Information disclosure
2021-05-11 19:15:00
Remote code execution
2021-05-11 19:15:00
mscve
mscve
Microsoft Office Remote Code Execution Vulnerability
2021-05-11 07:00:00
Microsoft Excel Information Disclosure Vulnerability
2021-05-11 07:00:00
Microsoft Office Information Disclosure Vulnerability
2021-05-11 07:00:00
kaspersky
kaspersky
KLA12175 Multiple vulnerabilities in Microsoft Office
2021-05-11 00:00:00
cve
cve
CVE-2021-31178
2021-05-11 19:15:00
CVE-2021-31179
2021-05-11 19:15:00
CVE-2021-31174
2021-05-11 19:15:00
zdi
zdi
Microsoft Excel XLS File Parsing Use-After-Free Remote Code Execution Vulnerability
2021-05-13 00:00:00
Microsoft Office Graph Use-After-Free Remote Code Execution Vulnerability
2021-05-13 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - May 2021
2021-05-11 23:44:00
qualysblog
qualysblog
Microsoft & Adobe Patch Tuesday (May 2021) – Qualys covers 85 Vulnerabilities, 26 Critical
2021-05-11 21:53:37

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.106 Low

EPSS

Percentile

94.9%

JSON
Related for KB5001914
mskb5nessus6openvas4thn1prion5mscve5kaspersky1cve5zdi2rapid7blog1qualysblog1