Share this Tech Tip!

Critical Security update for Sharepoint Server (CVE-2020-1181)

A vulnerability has been detected in SharePoint Server that requires immediate attention.  Microsoft has released a fix for this vulnerability in the Patch Tuesday updates from 6/9/2020.  It is advised that you update as soon as possible.

 

Description of Vulnerability:

A remote authenticated user can use a remote code execution when SharePoint Server fails to properly identify and filter unsafe ASP.Net controls.  Successful attacks could use specially crafted pages to perform actions in the security context of SharePoint application pools.

 

The fix for the remote code execution vulnerability has been implemented in the latest patches for SharePoint Server.

 

If you have any further question or need support with implementation, please reach out to us HERE.