Microsoft patched 10 critical SharePoint vulnerabilities today, one of four critical bulletins released by Microsoft. The most critical is a remote code execution bug that could give an attacker privileges in the context of the W3WP service account. Microsoft also patching denial of service, memory corruption and cross-site scripting vulnerabilities in SharePoint. The remaining bulletins were rated Important by Microsoft: CVE-2013-1330 and MS13-069. The bulletin is limited to Windows XP and Windows Server 2003, which will no longer be supported after April 2014.
Source: https://threatpost.com/critical-sharepoint-bulletin-top-priority-on-patch-tuesday/102246/