Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB5002352
HistoryFeb 14, 2023 - 8:00 a.m.

Description of the security update for SharePoint Server Subscription Edition Language Pack: February 14, 2023 (KB5002352)

2023-02-1408:00:00
Microsoft
support.microsoft.com
39

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.454 Medium

EPSS

Percentile

97.4%

JSON

Description of the security update for SharePoint Server Subscription Edition Language Pack: February 14, 2023 (KB5002352)

Summary

This security update resolves a Microsoft Word remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2023-21716.

Notes:

  • This is build 16.0.15601.20478 of the security update package.
  • To apply this security update, you must have the release version of Microsoft SharePoint Server Subscription Edition installed on the computer.

How to get and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the standalone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the standalone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

More information

Security update deployment information

For deployment information about this update, see Deployments - Security Update Guide.

Security update replacement information

This security update replaces previously released security update 5002291.

File hash information

File name SHA256 hash
wssloc-subscription-kb5002352-fullfile-x64-glb.exe DA446C237E63A0E8AED6AE6550126B5154817B02CBA616540E9E17279DE2EEA5

File information

Download the list of files that are included in security update 5002352.

Information about protection and security

Protect yourself online: Windows Security supportLearn how we guard against cyber threats: Microsoft Security

Related

prion 1
openvas 3
nessus 12
attackerkb 1
mskb 11
mscve 1
cve 1
githubexploit 2
cnvd 1
avleonov 2
kaspersky 1
krebs 1
talosblog 1
malwarebytes 1
qualysblog 1
rapid7blog 1
prion
prion
Remote code execution
2023-02-14 20:15:00
openvas
openvas
Microsoft Word 2016 Remote Code Execution Vulnerability (KB5002323)
2023-02-15 00:00:00
Microsoft Office Outlook 2019 RCE Vulnerability (Feb 2023) - Mac OS X
2023-02-15 00:00:00
Microsoft Word 2013 Service Pack 1 Remote Code Execution Vulnerability (KB5002316)
2023-02-15 00:00:00
nessus
nessus
Security Updates for Microsoft SharePoint Server Subscription Edition Language Pack (February 2023)
2023-02-17 00:00:00
Security Updates for Microsoft Word Products (February 2023)
2023-02-14 00:00:00
Security Updates for Microsoft Office Online Server (February 2023)
2023-02-17 00:00:00
attackerkb
attackerkb
CVE-2023-21716
2023-02-14 00:00:00
mskb
mskb
Description of the security update for Word 2013: February 14, 2023 (KB5002316)
2023-02-14 08:00:00
Description of the security update for Office Online Server: February 14, 2023 (KB5002309)
2023-02-14 08:00:00
Description of the security update for Word 2016: February 14, 2023 (KB5002323)
2023-02-14 08:00:00
mscve
mscve
Microsoft Word Remote Code Execution Vulnerability
2023-02-14 08:00:00
cve
cve
CVE-2023-21716
2023-02-14 20:15:14
githubexploit
githubexploit
Exploit for Vulnerability in Microsoft
2023-03-24 15:58:25
Exploit for Vulnerability in Microsoft
2023-03-07 15:03:43
cnvd
cnvd
Microsoft Word Remote Code Execution Vulnerability (CNVD-2023-14998)
2023-02-17 00:00:00
avleonov
avleonov
Vulristics News: EPSS v3 Support, Integration into Cloud Advisor
2023-04-23 23:11:58
Microsoft Patch Tuesday February 2023: Win Graphics RCE, Edge RCE, Publisher SFB, CLFS EoP, Exchange RCEs, Word RCE, HoloLens1
2023-02-26 16:37:52
kaspersky
kaspersky
KLA20229 Multiple vulnerabilities in Microsoft Office
2023-02-14 00:00:00
krebs
krebs
Microsoft Patch Tuesday, February 2023 Edition
2023-02-14 21:01:41
talosblog
talosblog
Microsoft Patch Tuesday for February 2023 β€” Snort rules and prominent vulnerabilities
2023-02-14 18:09:22
malwarebytes
malwarebytes
Update now! February's Patch Tuesday tackles three zero-days
2023-02-15 03:00:00
qualysblog
qualysblog
The FebruaryΒ 2023 Patch Tuesday Security Update Review
2023-02-15 00:56:48
rapid7blog
rapid7blog
Patch Tuesday - February 2023
2023-02-15 00:41:59

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.454 Medium

EPSS

Percentile

97.4%

JSON
Related for KB5002352
prion1openvas3nessus12attackerkb1mskb11mscve1cve1githubexploit2cnvd1avleonov2kaspersky1krebs1talosblog1malwarebytes1qualysblog1rapid7blog1