KLA20121
Multiple vulnerabilities in Microsoft Office

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Microsoft Office Graphics can be exploited remotely to execute arbitrary code.
2. A remote code execution vulnerability in Microsoft SharePoint Server can be exploited remotely to execute arbitrary code.
3. A remote code execution vulnerability in Microsoft Office Visio can be exploited remotely to execute arbitrary code.
4. A spoofing vulnerability in Microsoft Outlook for Mac can be exploited remotely to spoof user interface.
5. A remote code execution vulnerability in Microsoft Office OneNote can be exploited remotely to execute arbitrary code.

Microsoft Office 2019 for Mac
Microsoft Visio 2013 Service Pack 1 (32-bit editions)
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Visio 2016 (64-bit edition)
Microsoft Office 2019 for 32-bit editions
Microsoft Visio 2016 (32-bit edition)
Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2016
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office LTSC for Mac 2021
Microsoft Visio 2013 Service Pack 1 (64-bit editions)
Microsoft SharePoint Server Subscription Edition
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft SharePoint Server 2019
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft Office 2019 for 64-bit editions

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

CVE-2022-26806
CVE-2022-26805
CVE-2022-44693
CVE-2022-47211
CVE-2022-26804
CVE-2022-44695
CVE-2022-44694
CVE-2022-44696
CVE-2022-44690
CVE-2022-44713
CVE-2022-47212
CVE-2022-44691
CVE-2022-47213
CVE-2022-44692

5002280
5002327
5002319
5002321
5002286
5002317
5002311