SharePoint 2007, 2010 and 2013 Security Bulletin MS14-022 – Be Careful!

SharePoint 2007, 2010 and 2013 Security Bulletin MS14-022 – Be Careful!

On May 13th, Microsoft released security bulletin MS14-022 to protect your SharePoint 2007, 2010 and 2013 against Remote Code Execution. After chatting with multiple SharePointers on SharePoint-Community.net, I found out that the KB in this security bulletin get pushed out by Windows Update as critical.

One thing to be very careful for is that this is not your usual Windows Update, as it requires you to run PSConfig (aka the SharePoint Configuration Wizard) after installing!

After you install this security update on all SharePoint servers, you have to run the PSconfig tool to complete the installation process. For more information about how to use the PSconfig tool, go to the following Microsoft TechNet webpage: ”

So, be very careful that you plan when you install the KB in security bulletin MS14-022 and that you run PSConfig right after!

For more information about security bulletin MS14-022, visit this link: http://support.microsoft.com/kb/2952166/en-us

No ratings yet.

Please rate this

 
Comments

Thanks for the warning Vlad. Security have raised a call for this vulnerability for SP2010 and SP2013 servers. However, they’ve included a number of SP2016 servers too. Does this vulnerability apply to SP2016 as there’s no mention of it in the MS Bulletin?

Thanks,
John

It’s probably not the same security warning since this post was done in 2014, so SP2016 was not there yet!

Thanks Vlad !

Quick update on why this vulnerability was flagged on SP2016 servers. This was because SPD 2013 was installed.

Awesome, thanks for the update, and it all makes sense now!

Leave a Reply