MS15-012: Vulnerabilities in Microsoft Office could allow remote code execution: February 10, 2015

<html><body><p>Resolves vulnerabilities in Microsoft Office that could allow remote code execution if an attacker convinces a user to open or preview a specially crafted Office file in an affected version of Office software.</p><h2>Introduction</h2><div>This security update resolves vulnerabilities in Microsoft Office 2010 that could allow remote code execution if an attacker convinces a user to open or preview a specially crafted Office file in an affected version of Office software. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user.<br /><span></span></div><h2>Summary</h2><div>Microsoft has released security bulletin MS15-012. Learn more about how to obtain the fixes that are included in this security bulletin: <ul><li>For individual, small business, and organizational users, use the Windows automatic updating feature to install the fixes from Microsoft Update. To do this, see <a href=“http://www.microsoft.com/security/pc-security/updates.aspx” target=“_self”>Get security updates automatically</a> on the Microsoft Safety and Security Center website.<br /></li><li>For IT professionals, see <a href=“http://technet.microsoft.com/security/bulletin/ms15-012” target=“_self”>Microsoft Security Bulletin MS15-012</a> on the Security TechCenter website.</li></ul></div><h2></h2><div><h3>How to obtain help and support for this security update</h3>Help installing updates: <a href=“https://support.microsoft.com/ph/6527” target=“_self”>Support for Microsoft Update</a><br /><br />Security solutions for IT professionals: <a href=“http://technet.microsoft.com/security/bb980617.aspx” target=“_self”>TechNet Security Troubleshooting and Support</a><br /><br />Help protect your Windows-based computer from viruses and malware: <a href=“https://support.microsoft.com/gp/cu_sc_virsec_master” target=“_self”>Virus Solution and Security Center</a><br /><br />Local support according to your country: <a href=“https://support.microsoft.com/common/international.aspx” target=“_self”>International Support</a></div><h2></h2><div><h3>More information about this security update</h3><h4>Known issues and additional information about this security update</h4>The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed under each article link.<br /><ul><li><a href=“https://support.microsoft.com/en-us/help/2920753”>2920753 </a> MS15-012: Description of the security update for Microsoft Excel 2013: February 10, 2015 </li><li><a href=“https://support.microsoft.com/en-us/help/2920788”>2920788 </a> MS15-012: Description of the security update for Microsoft Excel 2007: February 10, 2015</li><li><a href=“https://support.microsoft.com/en-us/help/2920791”>2920791 </a> MS15-012: Description of the security update for Microsoft Office Excel Viewer 2007: February 10, 2015</li><li><a href=“https://support.microsoft.com/en-us/help/2920810”>2920810 </a> MS15-012: Description of the security update for SharePoint Server 2010: February 10, 2015</li><li><a href=“https://support.microsoft.com/en-us/help/2956058”>2956058 </a> MS15-012: Description of the security update for Office 2010: February 10, 2015</li><li><a href=“https://support.microsoft.com/en-us/help/2956066”>2956066 </a> MS15-012: Description of the security update for Word 2010: February 10, 2015</li><li><a href=“https://support.microsoft.com/en-us/help/2956070”>2956070 </a> MS15-012: Description of the security update for Office Web Apps 2010: February 10, 2015</li><li><a href=“https://support.microsoft.com/en-us/help/2956073”>2956073 </a> MS15-012: Description of the security update for Office 2010 Proofing Tools: February 10, 2015</li><li><a href=“https://support.microsoft.com/en-us/help/2956081”>2956081 </a> MS15-012: Description of the security update for Microsoft Excel 2010: February 10, 2015</li><li><a href=“https://support.microsoft.com/en-us/help/2956092”>2956092 </a> MS15-012: Description of the security update for Word Viewer: February 10, 2015</li><li><a href=“https://support.microsoft.com/en-us/help/2956097”>2956097 </a> MS15-012: Description of the security update for Microsoft Office Compatibility Pack Service Pack 3: February 10, 2015</li><li><a href=“https://support.microsoft.com/en-us/help/2956098”>2956098 </a> MS15-012: Description of the security update for Office Compatibility Pack SP3: February 10, 2015</li><li><a href=“https://support.microsoft.com/en-us/help/2956099”>2956099 </a> MS15-012: Description of the security update for Word 2007: February 10, 2015</li></ul></div><h2></h2><div><div><div><div><span><span></span></span><span><span>Security update deployment</span></span></div><div><span><div><h4>The 2007 Microsoft Office system (all editions) and other software</h4><span>Reference table</span><br /><br />The following table contains the security update information for this software.<br /><br /><div><table><tr><td><span>Security update file name</span></td><td>For Microsoft Excel 2007 Service Pack 3:<br /><span>excel2007-kb2920788-fullfile-x86-glb.exe</span></td></tr><tr><td><br /></td><td>For Microsoft Office Word 2007 Service Pack 3:<br /><span>word2007-kb2956099-fullfile-x86-glb.exe</span></td></tr><tr><td><br /></td><td>For Microsoft Word Viewer:<br /><span>office-kb2956092-fullfile-enu.exe</span></td></tr><tr><td><br /></td><td>For Microsoft Excel Viewer:<br /><span>xlview2007-kb2920791-fullfile-x86-glb.exe</span></td></tr><tr><td><br /></td><td>For Microsoft Office Compatibility Pack:<br /><span>xlconv2007-kb2956097-fullfile-x86-glb.exe</span><br /><br /><span>wordconv2007-kb2956098-fullfile-x86-glb.exe</span></td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/912203” target=“_self”>Microsoft Knowledge Base Article 912203</a></td></tr><tr><td><span>Restart requirement</span></td><td>In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message is displayed that advises you to restart.<br /><br />To help reduce the possibility that a restart will be required, stop all affected services and close all applications that may use the affected files before you install the security update. For more information about the reasons why you may be prompted to restart, see <a href=“https://support.microsoft.com/help/887012” target=“_self”>Microsoft Knowledge Base Article 887012</a>.</td></tr><tr><td><span>Removal information</span></td><td>Use <span>Add or Remove Programs</span> item in <span>Control Panel</span>.</td></tr><tr><td><span>File information</span></td><td>See <a href=“https://support.microsoft.com/help/2920788” target=“_self”>Microsoft Knowledge Base Article 2920788</a><br />See <a href=“https://support.microsoft.com/help/2956099” target=“_self”>Microsoft Knowledge Base Article 2956099</a><br />See <a href=“https://support.microsoft.com/help/2956092” target=“_self”>Microsoft Knowledge Base Article 2956092</a><br />See <a href=“https://support.microsoft.com/help/2920791” target=“_self”>Microsoft Knowledge Base Article 2920791</a><br />See <a href=“https://support.microsoft.com/help/2956097” target=“_self”>Microsoft Knowledge Base Article 2956097</a><br />See <a href=“https://support.microsoft.com/help/2956098” target=“_self”>Microsoft Knowledge Base Article 2956098</a></td></tr><tr><td><span>Registry key verification</span></td><td>Not applicable</td></tr></table></div><br /><h4>Microsoft Office 2010 (all editions)</h4><span>Reference table</span><br /><br />The following table contains the security update information for this software.<br /><br /><br /><div><table><tr><td><span>Security update file name</span></td><td>For Microsoft Office 2010 Service Pack 2 (32-bit editions) (proofing tools)<br /><span>proofloc2010-kb2956073-fullfile-x86-glb.exe <br />kb24286772010-kb2956058-fullfile-x86-glb.exe</span></td></tr><tr><td><br /></td><td>For Microsoft Office 2010 Service Pack 2 (64-bit editions) (proofing tools)<br /><span>proofloc2010-kb2956073-fullfile-x64-glb.exe <br />kb24286772010-kb2956058-fullfile-x64-glb.exe</span></td></tr><tr><td><br /></td><td>For Microsoft Excel 2010 Service Pack 2 (32-bit editions)<br /><span>excel2010-kb2956081-fullfile-x86-glb.exe</span></td></tr><tr><td><br /></td><td>For Microsoft Excel 2010 Service Pack 2 (64-bit editions)<br /><span>excel2010-kb2956081-fullfile-x64-glb.exe</span></td></tr><tr><td><br /></td><td>For Microsoft Word 2010 Service Pack 2 (32-bit editions)<br /><span>word2010-kb2956066-fullfile-x86-glb.exe</span></td></tr><tr><td><br /></td><td>For Microsoft Word 2010 Service Pack 2 (64-bit editions)<br /><span>word2010-kb2956066-fullfile-x64-glb.exe</span></td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/912203” target=“_self”>Microsoft Knowledge Base Article 912203</a></td></tr><tr><td><span>Restart requirement</span></td><td>In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message is displayed that advises you to restart.<br /><br />To help reduce the possibility that a restart will be required, stop all affected services and close all applications that may use the affected files before you install the security update. For more information about the reasons why you may be prompted to restart, see <a href=“https://support.microsoft.com/help/887012” target=“_self”>Microsoft Knowledge Base Article 887012</a>.</td></tr><tr><td><span>Removal information</span></td><td>Use <span>Add or Remove Programs</span> item in <span>Control Panel</span>.</td></tr><tr><td><span>File information</span></td><td>See <a href=“https://support.microsoft.com/help/2956073” target=“_self”>Microsoft Knowledge Base Article 2956073</a><br />See <a href=“https://support.microsoft.com/help/2956058” target=“_self”>Microsoft Knowledge Base Article 2956058</a><br />See <a href=“https://support.microsoft.com/help/2956081” target=“_self”>Microsoft Knowledge Base Article 2956081</a><br />See <a href=“https://support.microsoft.com/help/2956066” target=“_self”>Microsoft Knowledge Base Article 2956066</a></td></tr><tr><td><span>Registry key verification</span></td><td>Not applicable</td></tr></table></div><br /><h4>Microsoft SharePoint Server 2010 (all versions)</h4><span>Reference table</span><br /><br />The following table contains the security update information for this software.<br /><br /><br /><div><table><tr><td><span>Security update file name</span></td><td>For Word Automation Services on supported editions of Microsoft SharePoint Server 2010 Service Pack 2:<br /><span>wdsrv2010-kb2920810-fullfile-x64-glb.exe</span></td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/912203” target=“_self”>Microsoft Knowledge Base Article 912203</a></td></tr><tr><td><span>Restart requirement</span></td><td>In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message is displayed that advises you to restart.<br /><br />To help reduce the possibility that a restart will be required, stop all affected services and close all applications that may use the affected files before you install the security update. For more information about the reasons why you may be prompted to restart, see <a href=“https://support.microsoft.com/help/887012” target=“_self”>Microsoft Knowledge Base Article 887012</a>.</td></tr><tr><td><span>Removal information</span></td><td>This security update cannot be removed.</td></tr><tr><td><span>File Information</span></td><td>See <a href=“https://support.microsoft.com/help/2920810” target=“_self”>Microsoft Knowledge Base Article 2920810</a></td></tr><tr><td><span>Registry key verification</span></td><td>Not applicable</td></tr></table></div><br /><h4>Microsoft Office Web Apps 2010 (all versions) </h4><span>Reference table</span><br /><br />The following table contains the security update information for this software.<br /><br /><br /><div><table><tr><td><span>Security update file name</span></td><td>For Microsoft Office Web Apps 2010 Service Pack 2:<br /><span>wac2010-kb2956070-fullfile-x64-glb.exe</span></td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/912203” target=“_self”>Microsoft Knowledge Base Article 912203</a></td></tr><tr><td><span>Restart requirement</span></td><td>In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message is displayed that advises you to restart.<br /><br />To help reduce the possibility that a restart will be required, stop all affected services and close all applications that may use the affected files before you install the security update. For more information about the reasons why you may be prompted to restart, see <a href=“https://support.microsoft.com/help/887012” target=“_self”>Microsoft Knowledge Base Article 887012</a>.</td></tr><tr><td><span>Removal information</span></td><td>This security update cannot be removed.</td></tr><tr><td><span>File Information</span></td><td>See <a href=“https://support.microsoft.com/help/2956070” target=“_self”>Microsoft Knowledge Base Article 2956070</a></td></tr><tr><td><span>Registry key verification</span></td><td>Not applicable</td></tr></table></div><br /><h4>Microsoft Excel 2013 (all editions)</h4><span>Reference table</span><br /><br />The following table contains the security update information for this software.<br /><br /><div><table><tr><td><span>Security update file name</span></td><td>For supported editions of Microsoft Excel 2013 (32-bit editions):<br /><span>excel2013-kb2920753-fullfile-x86-glb.exe</span></td></tr><tr><td><br /></td><td>For supported editions of Microsoft Excel 2013 (64-bit editions):<br /><span>excel2013-kb2920753-fullfile-x64-glb.exe</span></td></tr><tr><td><span>Installation switches</span></td><td>See <a href=“https://support.microsoft.com/help/912203” target=“_self”>Microsoft Knowledge Base Article 912203</a></td></tr><tr><td><span>Restart requirement</span></td><td>In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message is displayed that advises you to restart.<br /><br />To help reduce the possibility that a restart will be required, stop all affected services and close all applications that may use the affected files before you install the security update. For more information about the reasons why you may be prompted to restart, see <a href=“https://support.microsoft.com/help/887012” target=“_self”>Microsoft Knowledge Base Article 887012</a>.</td></tr><tr><td><span>Removal information</span></td><td>Use <span>Add or Remove Programs</span> item in <span>Control Panel</span>.</td></tr><tr><td><span>File information</span></td><td>See <a href=“https://support.microsoft.com/help/2920753” target=“_self”>Microsoft Knowledge Base Article 2920753</a></td></tr><tr><td><span>Registry key verification</span></td><td>Not applicable</td></tr></table></div><br /><h4>Microsoft Excel 2013 RT (all editions)</h4><span>Reference Table</span><br />The following table contains the security update information for this software. <div><table><tr><td><span>Deployment</span></td><td>The 2920753 update for Microsoft Excel 2013 RT is available through <a href=“http://go.microsoft.com/fwlink/?linkid=21130” target=“_self”>Windows Update</a>.</td></tr><tr><td><span>Restart requirement</span></td><td>In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message is displayed that advises you to restart.<br /><br />To help reduce the possibility that a restart will be required, stop all affected services and close all applications that may use the affected files before you install the security update. For more information about the reasons why you may be prompted to restart, see <a href=“https://support.microsoft.com/help/887012” target=“_self”>Microsoft Knowledge Base Article 887012</a>.</td></tr><tr><td><span>Removal information</span></td><td>Click <span>Control Panel</span>, click <span>System and Security</span>, click <span>Windows Update</span>, and under <strong>See also</strong>, click <span>Installed updates</span>, and then select from the list of updates.</td></tr><tr><td><span>File information</span></td><td>See <a href=“https://support.microsoft.com/help/2920753” target=“_self”>Microsoft Knowledge Base Article 2920753</a></td></tr></table></div><br /></div><br /></span></div></div></div></div><h2></h2><div><div><div><div><span><span></span></span><span><span>File hash information</span></span></div><div><span><div><div><table><tr><th>File name </th><th>SHA1</th><th>SHA256</th></tr><tr><td>excel2013-kb2920753-fullfile-x64-glb.exe</td><td>04A4C8A9E62527A85981264480C3E03D90A62729</td><td>0791E4F299A998FA79CFF1151592C699EB46614A3999822DB1B7E467FB203EC4</td></tr><tr><td>excel2013-kb2920753-fullfile-x86-glb.exe</td><td>BF59EB6F47D48ED5911830F24FF5838EE00DE9F3</td><td>5793BB7C7BDFFF07C74544CDC594D54ED83492E3FB51659DCEAD4AC11F515552</td></tr><tr><td>excel2007-kb2920788-fullfile-x86-glb.exe</td><td>FF5A5D33C9743BA79F05DB2596B5151730241177</td><td>4D6F0F7FF3DADD72BA0E28920DF88D69ED753C7497988941D52791B1953305AB</td></tr><tr><td>xlview2007-kb2920791-fullfile-x86-glb.exe</td><td>2BCB952909500BDC2AF22AF76B6DF3B3B96F7819</td><td>1230CE9443F8F7CC5F2D1A238AE9BD8E05D332641116868619DDA03E8D83D514</td></tr><tr><td>otkruntimertl2007-kb2920795-fullfile-x86-glb.exe</td><td>9E423B72F91C60335E3316F3BB70679DF1B3CE09</td><td>CCCCDBFC7326E8A8138ED318E730132B7CFD22631608E6AFD9D2C73D3871027C</td></tr><tr><td>wdsrv2010-kb2920810-fullfile-x64-glb.exe</td><td>823F52B3F9A3866F98FF6F365AB28FB71EA67A3E</td><td>288268B899364785F073440A5C945B41B81A57BE76C0B0D615A90115D1D7D4D3</td></tr><tr><td>kb24286772010-kb2956058-fullfile-x64-glb.exe</td><td>8F95264F21BFB3FFD7C15AF264D5461305A85210</td><td>5F1D0B07B63DC4C311A6CADA97F0F49F1A2DC8598E666B531882FA75267A5B76</td></tr><tr><td>kb24286772010-kb2956058-fullfile-x86-glb.exe</td><td>9B2EAD8AAE7327C00E2BDC8DE4CA5821E3E061E9</td><td>D44488F8DF16BD0136EB6F2D5B7F5B37B7FBDE1B7FEF4FA7FFB40B62BB2AC1B9</td></tr><tr><td>word2010-kb2956066-fullfile-x64-glb.exe</td><td>C14FB12EEC71C52412372C9163FF7B3441CD96DF</td><td>5157F2CCA635601397AB9C485170B8CB8F869A8ECB97F01AD69579F4277CED4D</td></tr><tr><td>word2010-kb2956066-fullfile-x86-glb.exe</td><td>DAAC3BC79D370CF725193318CEA25BF837E802C1</td><td>290BDB6D2F9EB4853CB40F77140D166C001B8A2CF54ACA483AD95D1F1A30D7D7</td></tr><tr><td>wac2010-kb2956070-fullfile-x64-glb.exe</td><td>ED784949EF696481AAEEEC4F61D5ADE274D1E816</td><td>B6FE66EA7F57542460DA1338252DCBE735FB8D411CC90C69B64B331F47D1E65D</td></tr><tr><td>proofloc2010-kb2956073-fullfile-x64-glb.exe</td><td>C0714A0051F319C20254A108F5A73A076430B644</td><td>1C81AC16D7C0A6A7B6E4F67AD25D0C4044BB2BD5D55854AED12BB4BD4E623E78</td></tr><tr><td>proofloc2010-kb2956073-fullfile-x86-glb.exe</td><td>FDB1FB5E02C03FF89FC728D5FFF8C9971DC8DE0A</td><td>728CD8CB71F9011CF4E7CAF3C7ED76A0C0EF44B64FEFF503253F16003A587FE2</td></tr><tr><td>excel2010-kb2956081-fullfile-x64-glb.exe</td><td>13B0CA14CBFA689E95FA54154867E9CE5EF128D3</td><td>6FF975BED8556F33648365AB8088508A04231B655C4CEB2E03122BE5FA14E0E7</td></tr><tr><td>excel2010-kb2956081-fullfile-x86-glb.exe</td><td>64BFABE82799B3B77DC2D64B50451F83ED945895</td><td>4B67B30EF6F60C20933DC11A30ADA4BDE4D700A6134093E93464868478CE8FBB</td></tr><tr><td>xlconv2007-kb2956097-fullfile-x86-glb.exe</td><td>CD886F1462CA1A7E727C2E833A1D5AE19AF644B2</td><td>A9B5F0443A98161A8DCB15B94069B0646C9E6558FD5E8A9CAE5C6CDBE7ED4A93</td></tr><tr><td>wordconv2007-kb2956098-fullfile-x86-glb.exe</td><td>9E796AEF1F1F214794911C9EBAF6530E841D55E1</td><td>8D75C15968A802E2144038B8DB995D58C5520EE1D0EEA70DF6FE65065A66E8A9</td></tr><tr><td>word2007-kb2956099-fullfile-x86-glb.exe</td><td>724D384C9D2149632A67D3D949E3840B8CB3775D</td><td>71562C4980603524312A6DAC1AB5C6C708E08A8C1CABD9A74EE3F1C590D3BA80</td></tr></table></div></div><br /></span></div></div></div></div></body></html>