Microsoft Office January Security Updates With Bug Fixes

Microsoft Office January Security Updates With Bug Fixes

Microsoft has released the January 2019 Office security updates, producing seven security updates and three cumulative updates for five different products, six of them patching flaws allowing remote code execution.

January 2020 Patch Tuesday security updates, with security updates for 49 vulnerabilities, seven of them being classified as Critical and 41 as Important.

Microsoft Office vulnerabilities patches
Out of the seven security updates released by Microsoft for several Office products, six patch remote code execution (RCE) bugs detailed in the
 CVE-2020-0650 , and CVE-2020-0652 security advisories, and impacting Office 2016, Office 2013, Office 2010, Excel 2016, Excel 2013, and Excel 2010.

The RCE security vulnerabilities patched today received a severity rating of 'Important' from Microsoft given that they could allow potential attackers to execute arbitrary code and/or commands after successfully exploiting vulnerable Windows devices.

Advertisement

Worryingly attackers could then install programs, view, change, and delete data, or create new accounts with full user rights on exposed computers.

The other important security update is CVE-2020-0647 a Microsoft Office Online spoofing vulnerability impacting Office Online Server and is caused by incorrect validation of origin in cross-origin communications.

Also see: Windows 7 Support has ended: What are your options now?

This is the explanation from Microsoft.

"The attacker who successfully exploited the vulnerability could then perform cross-origin attacks on affected systems,"

"These attacks could allow the attacker to read content that the attacker is not authorized to read, and use the victim's identity to take actions on the site on behalf of the victim. The victim needs to be authenticated for an attacker to compromise the victim."

Advertisement
Save 10-50% on computers & electronics

The January Microsoft Office security updates available via the Download Center and the Microsoft Update platform. Additional info on each of them is available within the linked knowledge base article links.

These threats are significant and we would recommend downloading the updates as soon as possible.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or LinkedIn.

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

back to top

Popular Tech News

Exciting Microsoft Windows 10 X Features

Exciting Microsoft Windows 10 X Features

01 February, 2020

Windows 10 X is a new edition of Windows 10 designed for dual-screen devices.

We Demand That Microsoft Release a Free Windows 7

We Demand That Microsoft Release a Free Windows 7

01 February, 2020

The Free Software Foundation wants Microsoft to keep Windows 7 alive as a free operating system. Microsoft stopped provi...

What is shadow IT?

What is shadow IT?

09 February, 2020

Many of us will seek out the WiFi password when going into a building, and the reality for many businesses is that the m...

Windows 10 version 1809 will reach end of support in May

Windows 10 version 1809 will reach end of support in May

17 February, 2020

Microsoft dropped support for the popular Windows 7 operating system as well as Windows Server 2008 R2 in January 2020 e...

Apple releases watchOS 6.1.3 including bug fixes

Apple releases watchOS 6.1.3 including bug fixes

18 February, 2020

Apple is currently beta testing watchOS 6.2, but before the company gets around to launching that version to the public...

Latest Apple Arcade games for iPhone, iPad, Mac, and Apple TV

Latest Apple Arcade games for iPhone, iPad, Mac, and Apple TV

02 February, 2020

Apple Arcade launched with close to 100 titles and the service is seeing new games added regularly. Follow along with ou...

×

Sign up to keep in touch!

Be the first to hear the latest Cyber and Tech News straight to your mailbox.

Check out our Privacy Policy & Terms of use
You can unsubscribe from email list at any time