Technical Information

Brief overview of the risk:
This security update resolves vulnerabilities in Microsoft Office server and productivity software. The vulnerabilities could allow elevation of privilege if an attacker sends a specially crafted request to an affected SharePoint server.
Detailed Information on the risk:
Elevation of privilege vulnerabilities exist when SharePoint Server improperly sanitizes a specially crafted request to an affected SharePoint server. An authenticated attacker could exploit these vulnerabilities by sending a specially crafted request to an affected SharePoint server. The attacker who successfully exploited these vulnerabilities could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user.Further information on this exploit is available at : MS15-036