Microsoft released security bulletin MS14-058 for this issue. The update addresses a remote code execution vulnerability in Microsoft SharePoint Foundation, Microsoft SharePoint Server, Microsoft SharePoint Server 2010, and Microsoft SharePoint Server 2013. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

In order to successfully exploit this vulnerability, an attacker must be able to access the SharePoint server, such as when a user clicks on a malicious link sent in an email. End users who visit a malicious website or open a malicious email could be exploited.
An attacker could host a specially crafted website, or use a specially crafted Microsoft Office program or Microsoft SharePoint Server Web Application to try to exploit the vulnerability. These applications could attempt to exploit the vulnerability by running a remote code attack against the target system. In some cases, this may require the user to click on a link or open a specially crafted document.

In all cases, users should be vigilant regarding emails asking them to open documents or click on links. Microsoft Active Protections Program The Microsoft Active Protections Program (MAPP) is a security software assurance program that helps IT professionals protect their devices from security vulnerabilities by scanning for software assurance weaknesses

How Does This Vulnerability Occur?

An attacker can exploit this vulnerability by convincing a user to open a specially crafted Microsoft Office program or Microsoft SharePoint Server Web Application, or click on a link in an email.

How does Microsoft Office Word run a remote code attack?

Office Word can run a remote code attack on the target system if a user clicks on a specially crafted link or opens a specially crafted document. The following are examples of scenarios in which Office Word could attempt to exploit the vulnerability:
o If an attacker sends an email that contains a malicious Microsoft Word attachment, this type of attack would occur. The email message would likely contain some text that asks the user to open or click on the attachment. In such cases, the user should be wary of opening any attachments in emails and instead always verify with their own antivirus software or other security software before opening attachments.
o If an attacker hosts a website that contains a specially crafted Microsoft Word document (such as one with malicious macro content), this kind of attack could occur. For example, if an attacker hosts a website with documents containing malicious macros related to CVE-2022-21837, users who visit that website could be exploited by Office Word running macros from within Microsoft Office programs.
In order to successfully exploit this vulnerability, Office Word must be able to access the SharePoint server, such as when an end user clicks on a malicious link sent in an email. End users who visit a malicious website or open a malicious email could be exploited by Office Word running macros from within Microsoft Office programs.

Detects Operations that could lead to security vulnerabilities

The Microsoft Active Protections Program (MAPP) is a security software assurance program that helps IT professionals protect their devices from security vulnerabilities by scanning for software assurance weaknesses. It can detect operations that could lead to security vulnerabilities in the operating system, such as running a local or remote file, sending or receiving email, or browsing the Internet.

^Back to Top^^

Digital marketing is important because it can help you reach your target audience in the most efficient way possible, which ultimately leads to better performance for your company. Furthermore, digital marketing can help you identify security vulnerabilities and keep your devices protected from them.

Timeline

Published on: 01/11/2022 21:15:00 UTC
Last modified on: 01/14/2022 03:25:00 UTC

References