[German]On April 11, 2023 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for still-supported Microsoft Office versions and other products. The April 2023 patchday ends support for Office 2013, and two critical remote code execution vulnerabilities are closed in MS Publisher. Below is an overview of the available updates.
Advertising
An overview of the updates can be found on this web page (and here for this month). Details are documented in the linked KB articles. The updates are available for the installable MSI version of Microsoft Office (the click-to-run packages obtain the updates through other channels). Office 2019 does not appear in the list because it is distributed via click-to-run packages and receives security updates via the Office Update feature.
Office 2016
The following security updates have been released for Office 2016.
Publisher 2016: Description of the security update for Publisher 2016: April 11, 2023 (KB5002221); CVSS:3.1 7.8; the security update addresses two remote code execution vulnerabilities (CVE-2023-28287, CVE-2023-28295) in Microsoft Publisher. These are arbitrary code execution (ACE) vulnerabilities, which means that an attacker or victim must execute code on the local machine to exploit the vulnerability. In most cases, the user is tricked into running malicious files.
Details about the Office updates can be found in the linked KB articles.
Office 2013
Office 2013 requires Service Pack 1 for Microsoft Office 2013 to be installed. The following security updates have been released (are the same patches as for Office 2016).
Publisher 2013: Description of the security update for Publisher 2013: April 11, 2023 (KB5002213)
Details about the Office updates can be found in the linked KB articles. This update ends support for Microsoft Office 2013 (and Microsoft Exchange 2013).
Advertising
Other updates for Office/SharePoint Server
Microsoft has also released security updates for several versions of Microsoft SharePoint Server.
SharePoint Server Subscription Edition
- SharePoint Server Subscription Edition; Description of the security update for SharePoint Server Subscription Edition: April 11, 2023 (KB5002375)
SharePoint Server 2019
- SharePoint Server 2019: Description of the security update for SharePoint Server 2019: April 11, 2023 (KB5002373)
Microsoft SharePoint Server 2016
- SharePoint Enterprise Server 2016: Description of the security update for SharePoint Enterprise Server 2016: April 11, 2023 (KB5002385)
- SharePoint Enterprise Server 2016 Language Pack: April 11, 2023, update for SharePoint Enterprise Server 2016 Language Pack (KB5002370)
Microsoft SharePoint Server 2013
- Project Server 2013: April 11, 2023, cumulative update for Project Server 2013 (KB5002380)
- SharePoint Enterprise Server 2013: April 11, 2023, cumulative update for SharePoint Enterprise Server 2013 (KB5002381)
- SharePoint Foundation 2013: April 11, 2023, cumulative update for SharePoint Foundation 2013 (KB5002379)
- SharePoint Foundation 2013: Description of the security update for SharePoint Foundation 2013: April 11, 2023 (KB5002383)
Similar articles:
Microsoft Security Update Summary (April 11, 2023)
Patchday: Windows 10 Updates (April 11, 2023)
Patchday: Windows 11/Server 2022 Updates (April 11, 2023)
Windows 7/Server 2008 R2; Server 2012 R2: Updates (April 11, 2023)
Patchday: Microsoft Office Updates (April 11, 2023)
Advertising
