Description of the security update for SharePoint Server 2019 Language Pack: December 9, 2025 (KB5002802)

Description of the security update for SharePoint Server 2019 Language Pack: December 9, 2025 KB5002802 Summary Important: If you're running 2013-type workflows, you mustinstall the August 2025 update for SharePoint Workflow Manager to your farm before you install this cumulative update.​​​​​​​ I...

Description of the security update for SharePoint Server 2016: December 9, 2025 (KB5002821)

Description of the security update for SharePoint Server 2016: December 9, 2025 KB5002821 Summary Important: If you're currently running SharePoint Workflow Manager, you must install the SharePoint Workflow Manager KB5002799 to your farm before you install this cumulative update. If you're...

CVE-2025-59222 Microsoft Word Remote Code Execution Vulnerability

...

Description of the security update for SharePoint Server 2016: October 14, 2025 (KB5002788)

Description of the security update for SharePoint Server 2016: October 14, 2025 KB5002788 Summary Important: If you're running 2013-type workflows, you must install the August 2025 update for SharePoint Workflow Manager to your farm before you install this cumulative update.​​​​​​​ If you're...

Description of the security update for SharePoint Server 2016 Language Pack: October 14, 2025 (KB5002787)

Description of the security update for SharePoint Server 2016 Language Pack: October 14, 2025 KB5002787 Summary Important: If you're running Microsoft SharePoint Server 2013-type workflows, you mustinstall the August 2025 update for SharePoint Workflow Manager to your farm before you install this...

CVE-2025-24079 Microsoft Word Remote Code Execution Vulnerability

...

CVE-2023-36762 Microsoft Word Remote Code Execution Vulnerability

...

Description of the security update for SharePoint Enterprise Server 2016 Language Pack: February 14, 2023 (KB5002325)

Description of the security update for SharePoint Enterprise Server 2016 Language Pack: February 14, 2023 KB5002325 Summary This security update resolves a Microsoft SharePoint Server elevation of privilege vulnerability and Microsoft Word remote code execution vulnerability. To learn more about...

PT-2023-1608

Name of the Vulnerable Software and Affected Versions Microsoft Word affected versions not specified Description The issue is related to a buffer overflow in memory, allowing remote attackers to execute arbitrary code by opening a specially crafted file. This can affect the system. The...

CVE-2021-40486 Microsoft Word Remote Code Execution Vulnerability

...

Description of the security update for SharePoint Server 2010 Office Web Apps: April 13, 2021 (KB4504705)

Description of the security update for SharePoint Server 2010 Office Web Apps: April 13, 2021 KB4504705 Summary This security update resolves a Microsoft Word remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...

Microsoft Issues March 2020 Updates to Patch 115 Security Flaws

Microsoft today released security updates to fix a total of 115 new security vulnerabilities in various versions of its Windows operating system and related software—making March 2020 edition the biggest ever Patch Tuesday in the company's history. Of the 115 bugs spanning its various products —...

CVE-2019-1201

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. The file could th...

CVE-2018-8539

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft SharePoint Server, Microsoft Office. This CVE ID is unique from CVE-2018-8573...

CVE-2018-0849

Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is...