In our organization, we are using Windows Server 2019 and have installed Microsoft Office 2021. Our server lacks internet connectivity, and we need to update Microsoft Office 2021 to address several CVEs. Despite our efforts, we couldn't find and download the exact KB files on the Microsoft website, and the specific updates required are not clearly mentioned by Microsoft. We need to apply the following updates:
Outlook 2021 Version 2304 (Build 16327.20214):
- CVE-2023-36568 (Elevation of Privilege)
- CVE-2023-36413 (Security Feature Bypass)
- CVE-2024-20677 (Remote Code Execution)
Excel 2021 Version 2304 (Build 16327.20214):
- CVE-2023-24953 (Remote Code Execution)
- CVE-2023-33162 (Information Disclosure)
- CVE-2023-33161 (Remote Code Execution)
Word 2021 Version 2304 (Build 16327.20214):
- CVE-2024-21379 (Remote Code Execution)
- CVE-2023-36009 (Information Disclosure)
- CVE-2023-29335 (Security Feature Bypass)
Microsoft Office 2021 Version 2304 (Build 16327.20214):
- CVE-2024-21413 (Remote Code Execution)
- CVE-2023-36897 (Spoofing)
- CVE-2023-36895 (Remote Code Execution)
- CVE-2023-29333 (Denial of Service)
- CVE-2023-27911 (Buffer Overflow)
For example, I attempted to find the download link for CVE-2023-36568, but it wasn't available. The same issue occurred with all the other CVEs; there were no download links provided for Office 2021. I did find some Office 2016 download links for certain CVEs, but none for Office 2021.
Does anyone know how to find and download the exact KB articles for these CVEs and manually install the updates on our offline server? Any specific troubleshooting steps or guidance would be greatly appreciated.