Microsoft released Security Bulletin MS13-067 on Tuesday to fix ten vulnerabilities in SharePoint, one publicly disclosed and nine privately reported. According to Microsoft this update resolves severe vulnerabilities that could “allow remote code execution in the context of the W3WP service account if an attacker sends specially crafted content to the affected server.” The security update affects those who have:
Microsoft SharePoint Server 2007
Microsoft SharePoint Server 2010
Microsoft SharePoint Server 2013
Microsoft SharePoint Services 2.0
Microsoft SharePoint Services 3.0
Microsoft SharePoint Foundation 2010
Microsoft SharePoint Foundation 2013
Excel Services on Microsoft SharePoint Server 2007
For more specific information refer to: Microsoft Security Bulletin MS13-067.
For more information about other affected software, refer to: Microsoft Security Bulletin Summary for September 2013.
Please email us if you have any comments or questions: firstname.lastname@example.org.