Description of the security update for SharePoint Server 2019: December 14, 2021 (KB5002054)

Description of the security update for SharePoint Server 2019: December 14, 2021 KB5002054 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerabilities, see t...

Description of the security update for SharePoint Server 2019: August 10, 2021 (KB5002000)

Description of the security update for SharePoint Server 2019: August 10, 2021 KB5002000 Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerability, see the Microsoft Common Vulnerabilities and Exposures CVE-2021-36940. Note: ...

Description of the security update for SharePoint Server 2019: May 11, 2021 (KB5001916)

Description of the security update for SharePoint Server 2019: May 11, 2021 KB5001916 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and a Microsoft SharePoint spoofing vulnerability and information disclosure vulnerability. To learn more...

Description of the security update for SharePoint Enterprise Server 2016: April 13, 2021 (KB4504719)

Description of the security update for SharePoint Enterprise Server 2016: April 13, 2021 KB4504719 Summary This security update resolves a Microsoft Word Remote Code Execution Vulnerability and SharePoint Denial of Service Update. To learn more about the vulnerabilities, see the following securit...

Description of the security update for SharePoint Enterprise Server 2016: November 10, 2020

Description of the security update for SharePoint Enterprise Server 2016: November 10, 2020 Notice We declare System.Web.UI.WebControls.PasswordRecovery to be an unsafe control because of security concerns. Therefore, we recommend that you no longer use it. Summary This security update resolves...

Security Updates for Microsoft Project Server (April 2020)

The Microsoft Project Server installation on the remote host is missing a security update. It is, therefore, affected by a cross-site-scripting XSS vulnerability. Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An...

Microsoft SharePoint and Project Cross-Site Scripting Vulnerability

Microsoft SharePoint and Microsoft Project are both products of Microsoft Corporation.Microsoft SharePoint is a set of enterprise business collaboration platforms that are used to integrate business information and enable sharing of work and collaboration with others, organizing projects and...

Description of the security update for Project 2016: April 14, 2020

Description of the security update for Project 2016: April 14, 2020 Summary This security update resolves a remote code execution vulnerability that exists if Microsoft Office incorrectly loads arbitrary type libraries. To learn more about the vulnerability, see Microsoft Common Vulnerabilities a...

Description of the security update for SharePoint Server 2019: April 14, 2020

Description of the security update for SharePoint Server 2019: April 14, 2020 Summary This security update resolves remote code execution vulnerabilities that exist in Microsoft SharePoint if the software does not check the source markup of an application package. To learn more about these...

Description of the security update for Project Server 2013: April 14, 2020

Description of the security update for Project Server 2013: April 14, 2020 Summary This security update resolves a cross-site-scripting XSS vulnerability that exists if Microsoft SharePoint Server does not correctly sanitize a specially crafted web request to an affected SharePoint server. To lea...

March 8, 2016, update for Project 2016 (KB3114865)

March 8, 2016, update for Project 2016 KB3114865 This article describes update KB3114865 for Microsoft Project 2016, which was released on March 8, 2016. This update has a prerequisite. Be aware that the update on the Microsoft Download Center applies to the Microsoft Installer .msi-based edition...

Description of the security update for SharePoint Server 2019: March 10, 2020

Description of the security update for SharePoint Server 2019: March 10, 2020 Summary This security update resolves a cross-site-scripting XSS vulnerability that exists if Microsoft SharePoint Server does not correctly sanitize a specially crafted web request to an affected SharePoint server. To...

Description of the security update for SharePoint Enterprise Server 2016: November 12, 2019

Description of the security update for SharePoint Enterprise Server 2016: November 12, 2019 Summary This security update resolves an information disclosure vulnerability that exists in Microsoft SharePoint if an attacker uploads a specially crafted file to the SharePoint Server. To learn more abo...

Description of the security update for SharePoint Enterprise Server 2016: October 8, 2019

Description of the security update for SharePoint Enterprise Server 2016: October 8, 2019 Summary This security update resolves a spoofing vulnerability that exists if Microsoft SharePoint Server does not correctly sanitize a specially crafted web request to an affected SharePoint server. To lear...

Description of the security update for SharePoint Server 2019: September 10, 2019

Description of the security update for SharePoint Server 2019: September 10, 2019 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft SharePoint if the software does not check the source markup of an application package. To learn more about this...

Description of the security update for SharePoint Enterprise Server 2016: August 13, 2019

Description of the security update for SharePoint Enterprise Server 2016: August 13, 2019 Summary This security update resolves a cross-site-scripting XSS vulnerability that exists if Microsoft SharePoint Server does not correctly sanitize a specially crafted web request to an affected SharePoint...

Description of the security update for SharePoint Enterprise Server 2016: July 9, 2019

Description of the security update for SharePoint Enterprise Server 2016: July 9, 2019 Summary This security update resolves an Authentication Bypass vulnerability that allows SAML tokens to be signed by using arbitrary symmetric keys in Windows Communication Foundation WCF and Windows Identity...

Description of the security update for Project Server 2010: June 11, 2019

Description of the security update for Project Server 2010: June 11, 2019 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Comm...

Microsoft Office SharePoint CVE-2019-1036 Cross Site Scripting Vulnerability

Description Microsoft Office SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...

Security Updates for Microsoft Project Server (June 2019)

The Microsoft Project Server installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - A cross-site-scripting XSS vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an...