logo
DATABASE RESOURCES PRICING ABOUT US

MS13-073: Vulnerabilities in Microsoft Excel could allow remote code execution: September 10, 2013

Description

<html><body><p>This security update addresses the vulnerabilities by correcting how Microsoft Excel and other affected Microsoft software validates data when parsing specially crafted Office files and by correcting how the XML parser used by Excel resolves external entities within a specially crafted file.</p><h2>INTRODUCTION</h2><div class="kb-summary-section section">Microsoft has released security bulletin MS13-073. To view the complete security bulletin, visit one of the following Microsoft websites: <ul class="sbody-free_list"><li>Home users:<div class="indent"><a href="http://www.microsoft.com/security/pc-security/updates.aspx" id="kb-link-1" target="_self">http://www.microsoft.com/security/pc-security/updates.aspx</a></div><span class="text-base">Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update website now:<br/><div class="indent"><a href="http://update.microsoft.com/microsoftupdate/" id="kb-link-2" target="_self">http://update.microsoft.com/microsoftupdate/</a></div></li><li>IT professionals:<div class="indent"><a href="http://technet.microsoft.com/security/bulletin/ms13-073" id="kb-link-3" target="_self">http://technet.microsoft.com/security/bulletin/MS13-073</a></div></li></ul><h3 class="sbody-h3">How to obtain help and support for this security update</h3> Help installing updates: <a href="https://support.microsoft.com/ph/6527" id="kb-link-4" target="_self">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals: <br/><a href="http://technet.microsoft.com/security/bb980617.aspx" id="kb-link-5" target="_self">TechNet Security Troubleshooting and Support</a><br/><br/>Help protect your computer that is running Windows from viruses and malware:<br/><a href="https://support.microsoft.com/contactus/cu_sc_virsec_master" id="kb-link-6" target="_self">Virus Solution and Security Center</a><br/><br/>Local support according to your country: <br/><a href="https://support.microsoft.com/common/international.aspx" id="kb-link-7" target="_self">International Support</a><br/><br/></div><h2></h2><div class="kb-moreinformation-section section"><h3 class="sbody-h3">Known issues and additional information about this security update</h3>The following articles contain additional information about this security update as it relates to individual product versions. These articles may contain known issue information. If this is the case, the known issue is listed below each article link. <ul class="sbody-free_list"><li><a href="https://support.microsoft.com/en-us/help/2760583" id="kb-link-8">2760583 </a> MS13-073: Description of the security update for Microsoft Office Excel 2007: September 10, 2013</li><li><a href="https://support.microsoft.com/en-us/help/2760588" id="kb-link-9">2760588 </a> MS13-073: Description of the security update for Microsoft Excel 2007 (xlconv-x-none.msp): September 10, 2013</li><li><a href="https://support.microsoft.com/en-us/help/2760590" id="kb-link-10">2760590 </a> MS13-073: Description of the security update for Microsoft Office Excel Viewer 2007: September 10, 2013</li><li><a href="https://support.microsoft.com/en-us/help/2760597" id="kb-link-11">2760597 </a> MS13-073: Description of the security update for Microsoft Excel 2010: September 10, 2013</li><li><a href="https://support.microsoft.com/en-us/help/2768017" id="kb-link-12">2768017 </a> MS13-073: Description of the security update for Microsoft Excel 2013: September 10, 2013</li><li><a href="https://support.microsoft.com/en-us/help/2810048" id="kb-link-13">2810048 </a> MS13-073: Description of the security update for Microsoft Excel 2003: September 10, 2013</li></ul><div class="faq-section" faq-section=""><div class="faq-panel"><div class="faq-panel-heading" faq-panel-heading=""><span class="link-expand-image"><span class="faq-chevron win-icon win-icon-ChevronUpSmall"></span></span><span class="bold btn-link link-expand-text"><span class="bold btn-link">File hash information</span></span></div><div class="faq-panel-body" faq-panel-body=""><span><div class="kb-collapsible kb-collapsible-collapsed"><div class="table-responsive"><table class="sbody-table table"><tr class="sbody-tr"><th class="sbody-th">File name</th><th class="sbody-th">SHA1 hash</th><th class="sbody-th">SHA256 hash</th></tr><tr class="sbody-tr"><td class="sbody-td">excel2007-kb2760583-fullfile-x86-glb.exe</td><td class="sbody-td">8FD16A3D1C4DA075891721202BC5734B75229F21</td><td class="sbody-td">A741EA7CE7FABB40D011C3141EBBB06C6B6473DB23B57D90A8A52A24A5820AE0</td></tr><tr class="sbody-tr"><td class="sbody-td">excel2010-kb2760597-fullfile-x64-glb.exe</td><td class="sbody-td">EA9BEBA1E7D06C13531A67671A5E73259FBDE93D</td><td class="sbody-td">134497AEA1D38DB03032CD58BFF4B619D8CD16938709E1EE7F73EDFCE59A6CDF</td></tr><tr class="sbody-tr"><td class="sbody-td">excel2010-kb2760597-fullfile-x86-glb.exe</td><td class="sbody-td">0A329ED77A783DBAE7DB221DEA444E2508671A38</td><td class="sbody-td">FE471E005A512AD64B9F4DD9CE653741A7874E6088D48E6BD78F3C582191832A</td></tr><tr class="sbody-tr"><td class="sbody-td">graph2010-kb2687275-fullfile-x64-glb.exe</td><td class="sbody-td">07D569E5CA650CB5E4BDF090E4BE6EAC91511018</td><td class="sbody-td">98999DDB40B437D0A2E9C9DA6827F6A369F7D914E0FF1E6F0A8AD468797CFC13</td></tr><tr class="sbody-tr"><td class="sbody-td">graph2010-kb2687275-fullfile-x86-glb.exe</td><td class="sbody-td">71598A0D6E189AD0D4E4785EC5ACC2A4F4823814</td><td class="sbody-td">32458E0DDDBD6D9805C94E419B567050AE0943CFC8B333FBAAA7734033F38AE2</td></tr><tr class="sbody-tr"><td class="sbody-td">wdsrv2010-kb2760755-fullfile-x64-glb.exe</td><td class="sbody-td">F55883F6C0D5A5EDD2F04747880159D96A72743F</td><td class="sbody-td">5B4F1B2D87C63D0B9DCB017FF5B09ED309A7C8402AD34694FACEB1F43150E126</td></tr><tr class="sbody-tr"><td class="sbody-td">xlconv2007-kb2760588-fullfile-x86-glb.exe</td><td class="sbody-td">60F61CB663E9562E32799E2188D11DB346313E31</td><td class="sbody-td">6644B99D1A83B7D32D8D9C8A90FEE7742160A3B6F020FE3BF303FE454CD0ABEB</td></tr><tr class="sbody-tr"><td class="sbody-td">xlsrv2010-kb2760595-fullfile-x64-glb.exe</td><td class="sbody-td">B4D49782733AC2158F1C07177DB44320A543AC34</td><td class="sbody-td">CAA100BC32C152A21E0391D3779360E70F8062006C938A7E2D3F51F378C0ECF0</td></tr><tr class="sbody-tr"><td class="sbody-td">xlsrvapp2007-kb2760589-fullfile-x64-glb.exe</td><td class="sbody-td">B188BF54191B670760C514ED44A8066FC03A528A</td><td class="sbody-td">295C2683D3D0BC90604694735F1C20C98B350217BEC7BCB8F0E35A8567F9D768</td></tr><tr class="sbody-tr"><td class="sbody-td">xlsrvapp2007-kb2760589-fullfile-x86-glb.exe</td><td class="sbody-td">6E90D96E807A8694CEBFA1459F2AB696FDD56DF6</td><td class="sbody-td">6AA3CC62A521B10629C4998567A63A3BEC61F48243780AA79C40F96FAF7B8B44</td></tr><tr class="sbody-tr"><td class="sbody-td">xlview2007-kb2760590-fullfile-x86-glb.exe</td><td class="sbody-td">55C7B6442366AFC6EACFDF6047EA9F1335933B0D</td><td class="sbody-td">EF672F28301954566CC33E9425155729AF1EF9E350EB055E735DF464DB1A9F95</td></tr><tr class="sbody-tr"><td class="sbody-td">xlwac2010-kb2760594-fullfile-x64-glb.exe</td><td class="sbody-td">722CDD51E9AF23F29372D020938AEFC5DA350096</td><td class="sbody-td">E7116450C7F9304939EFA1F74B9D0E2655243455964478DA485229CD7D55EBF3</td></tr></table></div></div><br/></span></div></div></div></div></body></html>


Related