MS13-067: Vulnerabilities in Microsoft SharePoint Server could allow remote code execution: September 10, 2013

Introduction

This security update resolves vulnerabilities in Microsoft Office Server software that could allow remote code execution in the context of the W3WP service account.

Summary

Microsoft has released security bulletin MS13-067. To view the complete security bulletin, go to one of the following Microsoft websites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

More information about this security update

Known issues and additional information about this security update

The following articles contain additional information about this security update as it relates to individual product versions. These articles may contain known issue information. If this is the case, the known issue is listed below each article link.

SharePoint Server

Note After you install any of the following SharePoint Server security updates, you have to run the PSconfig tool to complete the installation.

  • 2810083 MS13-067: Description of the security update for SharePoint Server 2013 (coreserverloc): September 10, 2013

  • 2817305 MS13-067: Description of the security update for SharePoint Server 2013 (wacserver): September 10, 2013
  • 2817315 MS13-067: Description of the security update for SharePoint Foundation 2013: September 10, 2013
  • 2817393 MS13-067: Description of the security update for SharePoint Server 2010 (coreserver): September 10, 2013
  • 2817372 MS13-067: Description of the security update for SharePoint Server 2010 (wosrv): September 10, 2013
  • 2810067 MS13-067: Description of the security update for SharePoint Foundation 2010: September 10, 2013
SharePoint Services

Note After you install any of the following SharePoint Services security updates, you have to run the PSconfig tool to complete the installation.



  • 2760420 MS13-067: Description of the security update for Windows SharePoint Services 3.0: September 10, 2013
  • 2810061 MS13-067: Description of the security update for Windows SharePoint Services 2.0: September 10, 2013
Office Web Services
  • 2760595 MS13-067: Description of the security update for Excel Services in SharePoint Server 2010: September 10, 2013
  • 2760589 MS13-067: Description of the security update for Excel Services in SharePoint Server 2007: September 10, 2013
  • 2553408 MS13-067: Description of the security update for InfoPath Forms Services in SharePoint 2010: September 10, 2013
  • 2760755 MS13-067: Description of the security update for Word Automation Services in SharePoint Server 2010: September 10, 2013
Office Online
  • 2760594 MS13-067: Description of the security update for Excel Online: September 10, 2013
  • 2817384 MS13-067: Description of the security update for Word Online: September 10, 2013
File hash information

Applies to

This article applies to the following:
  • Microsoft SharePoint Server 2013
  • Microsoft SharePoint Foundation 2013
  • Microsoft SharePoint Server 2010 Service Pack 2
  • Microsoft SharePoint Server 2010 Service Pack 1
  • Microsoft SharePoint Foundation 2010
  • Microsoft Windows SharePoint Services 3.0
  • Microsoft Windows SharePoint Services 2.0
  • Excel Services in Microsoft SharePoint Server 2010
  • Excel Services in Microsoft Office SharePoint Server 2007
  • InfoPath Forms Services in SharePoint 2010
  • Word Automation Services in SharePoint Server 2010
  • Microsoft Excel Online
  • Microsoft Word Online
Properties

Article ID: 2834052 - Last Review: Apr 18, 2014 - Revision: 1

Feedback