Microsoft has addressed important severity remote code execution vulnerabilities affecting multiple Office products in the January 2021 Office security updates.
In total, the company released 26 security updates and 5 cumulative updates for 7 different products, fixing 11 vulnerabilities that could allow attackers to escalate privileges or execute arbitrary code remotely on systems running vulnerable software.
This Patch Tuesday, Microsoft also issued several SharePoint non-security updates, as well as fixed separate issues affecting the Microsoft 365 Apps version of Outlook.
Microsoft also released non-security Office updates last week addressing bugs that may lead to PowerPoint crashes and other issues affecting Windows Installer (MSI) editions of Office 2016, Office 2013, and Office 2010 products.
The company issued the February 2021 Patch Tuesday updates yesterday, with patches for a Windows Win32k elevation of privilege zero-day exploited in the wild and 56 other security vulnerabilities, 11 of them classified as critical severity.
Additionally, Microsoft urged customers to install security updates for three critical and high severity Windows TCP/IP security bugs as soon as possible due to the elevated exploitation risk and potential denial-of-service (DoS) attacks that could soon target unpatched systems.
Non-security Windows updates were delivered to Windows 10 customers with the KB4601315 and KB4601319 cumulative updates.
Patched Office security vulnerabilities
This month's Office security updates address bugs exposing Windows systems running vulnerable Click to Run an ..
Support the originator by clicking the read the rest link below.
