Microsoft Issues Out-of-Cycle SharePoint UpdateMicrosoft Issues Out-of-Cycle SharePoint Update
The update repairs vulnerabilities that could lead to very effective phishing messages.
December 19, 2019
Microsoft has released an out-of-cycle update for SharePoint to close previously undisclosed vulnerabilities. The vulnerabilities, CVE-2019-1442 and CVE-2019-1443, could allow an attacker to upload specially crafted files that would bypass validation and security to request credentials from the recipient. In both cases, the result would be an especially effective phishing campaign because the messages would come from within the victim's organization.
The update also includes fixes for a number of non-security issues, including malformed and misdisplayed HTTP message components and misleading date information that could result from certain document creation sequences.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
AI in Cybersecurity: Using artificial intelligence to mitigate emerging security risks
Protecting Critical Infrastructure: The 2021 Energy, Utilities, and Industrials Cyber Threat Landscape Report
Business Buyers Guide to Password Managers