Endpoint Vulnerability

Microsoft Office Security Feature Bypass Vulnerability

Description

A security feature bypass vulnerability exists when Microsoft Office does not validate URLs. An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials. An attacker who successfully exploited this vulnerability could perform a phishing attack. The update addresses the vulnerability by ensuring Microsoft Office properly validates URLs.

Affected Products

Microsoft SharePoint Server 2019

References

CVE-2019-1442,