SharePoint 2007, 2010 and 2013 Security Bulletin MS14-022 – Be Careful!


On May 13th, Microsoft released security bulletin MS14-022 to protect your SharePoint 2007, 2010 and 2013 against Remote Code Execution. After chatting with multiple SharePointers on, I found out that the KB in this security bulletin get pushed out by Windows Update as critical.

One thing to be very careful for is that this is not your usual Windows Update, as it requires you to run PSConfig (aka the SharePoint Configuration Wizard) after installing!

After you install this security update on all SharePoint servers, you have to run the PSconfig tool to complete the installation process. For more information about how to use the PSconfig tool, go to the following Microsoft TechNet webpage: ”

So, be very careful that you plan when you install the KB in security bulletin MS14-022 and that you run PSConfig right after!

For more information about security bulletin MS14-022, visit this link:

Previous Post
Value cannot be null. Parameter name: userProfileApplicationProxy
Next Post
How to create a color coded group calendar for SharePoint 2013 Step by Step


  • December 12, 2018 at 10:18 am
    John McKenna

    Thanks for the warning Vlad. Security have raised a call for this vulnerability for SP2010 and SP2013 servers. However, they’ve included a number of SP2016 servers too. Does this vulnerability apply to SP2016 as there’s no mention of it in the MS Bulletin?


    • December 24, 2018 at 2:35 am

      It’s probably not the same security warning since this post was done in 2014, so SP2016 was not there yet!

  • January 8, 2019 at 11:39 am
    John McKenna

    Thanks Vlad !

  • January 24, 2019 at 7:12 am
    John McKenna

    Quick update on why this vulnerability was flagged on SP2016 servers. This was because SPD 2013 was installed.

    • January 24, 2019 at 3:43 pm

      Awesome, thanks for the update, and it all makes sense now!


Leave a Reply

15 49.0138 8.38624 1 0 4000 1 300 1