This security update resolves a remote code execution vulnerability that exists in Microsoft Word software if it does not correctly handle objects in memory. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2019-1201 and Microsoft Common Vulnerabilities and Exposures CVE-2019-1205.
Note To apply this security update, you must have the release version of Office Online Server installed on the computer.
Known issues in this update
-
After you install this security update, Office Online Server logging will be set to Verbose by default. We recommend that you change this setting to Medium by running the following command:
Set-OfficeWebAppsFarm -LogVerbosity “Medium”
Note After you run the command, you have to restart the Office Online Service. To do this, run the following command:
Restart-Service WACSM