Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB4018343
HistoryApr 10, 2018 - 7:00 a.m.

Description of the security update for SharePoint Enterprise Server 2013: April 10, 2018

2018-04-1007:00:00
Microsoft
support.microsoft.com
25

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9.1

Confidence

High

EPSS

0.135

Percentile

95.7%

JSON

Description of the security update for SharePoint Enterprise Server 2013: April 10, 2018

Summary

This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2018-1028.Note To apply this security update, you must have the release version of Service Pack 1 for Microsoft SharePoint Server 2013 installed on the computer.

How to get and install the update

Method 1: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Method 2: Microsoft Download Center

You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

More Information

Security update deployment information

For deployment information about this update, see security update deployment information: April 10, 2018.

Security update replacement information

This security update replaces previously released security update KB 3213559.

File hash information

Package name Package hash SHA 1 Package hash SHA 2
xlsrvloc2013-kb4018343-fullfile-x64-glb.exe 96BF8328F5DA66ADE0B6497EF44A2A862AA3ABE2 D9AB86EBC0737C67DBF52A1464E4EA697E01F2425D625D312AD9C3A9E1A115D9

File informationFor a list of the files that are provided in this security update, download the file information for update 4018343.

How to get help and support for this security update

Help for installing updates: Windows Update: FAQ

Security solutions for IT professionals: Security Support and Troubleshooting

Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure

Local support according to your country: International SupportPropose a feature or provide feedback on SharePoint: SharePoint User Voice portal

Related

nessus 3
openvas 4
mskb 9
checkpoint_advisories 1
symantec 1
nvd 1
cvelist 1
mscve 1
cve 1
prion 1
kaspersky 1
talosblog 1
trendmicroblog 1
nessus
nessus
Security Updates for Microsoft Office Web Apps (April 2018)
2018-04-10 00:00:00
Security Updates for Microsoft SharePoint Server (April 2018)
2018-04-13 00:00:00
Security Updates for Microsoft Office Products (April 2018)
2018-04-10 00:00:00
openvas
openvas
Microsoft Office 2013 Service Pack 1 Remote Code Execution Vulnerability (KB4018330)
2018-04-11 00:00:00
Microsoft Office 2010 Service Pack 2 Remote Code Execution Vulnerability (KB4018311)
2018-04-11 00:00:00
Microsoft Office 2016 Remote Code Execution Vulnerability (KB4018328)
2018-04-11 00:00:00
mskb
mskb
Description of the security update for Office 2013: April 10, 2018
2018-04-10 07:00:00
Description of the security update for Office 2016: April 10, 2018
2018-04-10 07:00:00
Description of the security update for SharePoint Enterprise Server 2013: April 10, 2018
2018-04-10 07:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Office Graphics Remote Code Execution (CVE-2018-1028)
2018-04-10 00:00:00
symantec
symantec
Microsoft Office CVE-2018-1028 Remote Code Execution Vulnerability
2018-04-10 00:00:00
nvd
nvd
CVE-2018-1028
2018-04-12 01:29:10
cvelist
cvelist
CVE-2018-1028
2018-04-12 01:00:00
mscve
mscve
Microsoft Office Graphics Remote Code Execution Vulnerability
2018-04-10 07:00:00
cve
cve
CVE-2018-1028
2018-04-12 01:29:10
prion
prion
Remote code execution
2018-04-12 01:29:00
kaspersky
kaspersky
KLA11225 Multiple vulnerabilities in Microsoft Office
2018-04-10 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - April 2018
2018-04-10 13:13:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 9, 2018
2018-04-13 15:37:14

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9.1

Confidence

High

EPSS

0.135

Percentile

95.7%

JSON
Related for KB4018343
nessus3openvas4mskb9checkpoint_advisories1symantec1nvd1cvelist1mscve1cve1prion1kaspersky1talosblog1trendmicroblog1