Microsoft recently announced a security bulletin (MS15-047) informing the public of vulnerabilities in Microsoft SharePoint Server which could allow remote execution as discussed in Microsoft Knowledge Base Article 3058083. The affected software includes all editions of Microsoft SharePoint 2007, SharePoint 2010, and SharePoint 2013. The threat assessment coming from Microsoft is viewed as important being a successful attacker could run arbitrary code in the security context of the W3WP service account on the target SharePoint site.
Therefore it’s time to secure your SharePoint Server since at the time of the release of bulletin MS15-047 Microsoft had not been notified that these vulnerabilities had been publicly used to attack customers. Before downloading and deploying the security update make sure all updates offered for your current version of software are installed on your system.
For additional information on this vulnerability, check out the following links: