14 matches found
Security Updates for Microsoft Word Products C2R (October 2021)
The Microsoft Word Products are missing a security update. It is, therefore, affected by the following vulnerability : - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2021-40486 %NASLMINLEVEL 70300 C...
Security News: Microsoft Patch Tuesday October 2021, Autodiscover, MysterySnail, Exchange, DNS, Apache, HAProxy, VMware vCenter, Moodle
Hello everyone! This episode will be about relatively recent critical vulnerabilities. Lets start with Microsoft Patch Tuesday for October 2021. Specifically, with the vulnerability that I expected there, but it didnt get there. Autodiscover leak discovered by Guardicore Labs "Autodiscover, a...
Security Updates for Microsoft Office Web Apps (October 2021)
The Microsoft Office Web Apps installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...
CVE-2021-40486
Microsoft Word Remote Code Execution Vulnerability...
CVE-2021-40486
Microsoft Word Remote Code Execution Vulnerability...
CVE-2021-40486
CVE-2021-40486 is a Microsoft Word remote code execution vulnerability. It can be triggered by viewing a specially crafted Word document, with attack vectors potentially including the Preview Pane. Microsoft released a patch (KB5002004) in Oct 2021 addressing Word RCE (Word 2016 context in the KB...
Microsoft Office Web Apps Server 2013 Service Pack 1 Multiple Vulnerabilities (KB5002036)
This host is missing a critical security update according to Microsoft KB5002036 SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Microsoft SharePoint Enterprise Server 2016 RCE Vulnerability (KB5002006)
This host is missing a critical security update according to Microsoft KB5002006 SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Patch Tuesday, October 2021 Edition
Microsoft today issued updates to plug more than 70 security holes in its Windows operating systems and other software, including one vulnerability that is already being exploited. This months Patch Tuesday also includes security fixes for the newly released Windows 11 operating system. Separatel...
Description of the security update for Word 2013: October 12, 2021 (KB5001960)
Description of the security update for Word 2013: October 12, 2021 KB5001960 Summary This security update resolves a Microsoft Word remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2021-40486. Note: To apply this...
KLA12316 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Rich Text Edit Contr...
Security Updates for Microsoft Sharepoint Server 2016 (October 2021)
The Microsoft SharePoint Server 2016 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. CVE-2021-40484...
Security Updates for Microsoft SharePoint Server 2013 (October 2021)
The Microsoft SharePoint Server 2013 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...
Security Updates for Microsoft Word Products (October 2021)
The Microsoft Word Products are missing a security update. It is, therefore, affected by the following vulnerability : - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2021-40486 %NASLMINLEVEL 70300 C...