MS14-050 Critical Vulnerability in SharePoint 2013

MS14-050 Critical Vulnerability in SharePoint 2013

V: 1.2

Recently Microsoft Security Bulletin MS14-050 has been released as Critical. It applies to following products:
  • Sharepoint Server 2013 (with or without SP1)
  • Sharepoint Foundation 2013 (with or without SP1)

Maximum Security Impact: Elevation of Privilege
Aggregate Severity Rating: Important

This security update may require reboot. 
This security update resolves one privately reported vulnerability in Microsoft SharePoint Server. An authenticated attacker who successfully exploited this vulnerability could use a specially crafted app to run arbitrary JavaScript in the context of the user on the current SharePoint site.
Microsoft Security Bulletin MS14-050 – August 2014

MS Knowledge Base Articles
MS14-050: Vulnerability in Microsoft SharePoint Server could allow elevation of privilege: August 12, 2014

MS14-050: Description of the security update for SharePoint Services: August 12, 2014

Common Vulnerabilities and Exposures

NIST National Vulnerability Database – Vulnerability Summary for CVE-2014-2816

Updates Replaces by this update – MS14-022

Download MS14-050 – Security Update for Microsoft SharePoint Enterprise Server 2013 (KB2880994)

Mitigating Factors
No mitigating factors have been identified.

For SharePoint instances, evaluate and remove apps as appropriate. Install new apps from trusted sources only.

Security Tools:

Leave a Reply

Enter the CAPTCHA * Time limit is exhausted. Please reload CAPTCHA.