MS16-042: Description of the security update for Excel Services on SharePoint Server 2010: April 12, 2016

Summary

This security update resolves vulnerabilities in SharePoint that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Security Bulletin MS16-042.

Note To apply this security update, you must have the release version of Service Pack 2 for Microsoft SharePoint Server 2010 installed on the computer.

For a complete list of affected versions of Microsoft Office software, see Microsoft Knowledge Base article KB3148775.

How to get and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see the “Turn on automatic updating in Control Panel” section of this Safety & Security Center article.

Method 2: Microsoft Download Center

You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

• Download the security update KB3114871 for the 64-bit version of Excel Services on SharePoint Server 2010

More Information

Security update deployment information

For deployment information about this update, see Microsoft Knowledge Base article KB3148775.

Security update replacement information

This security update replaces previously released security update KB3114401.

File hash information

Package Name	Package Hash SHA 1	Package Hash SHA 2
xlsrv2010-kb3114871-fullfile-x64-glb.exe	1AFCE4CE6072A113A3A05D65F8711EC6D9600B2B	0AD406308277E44A5BED94650AA9905D6E55392DB0F7E98CB755210722DD0655

__

File information

The English version of this security update has the file attributes (or later file attributes) that are listed in the following table.

For all supported x64-based versions of Excel Services on SharePoint Server 2010File identifier	File name	File version	File size	Date	Time
cuixas.js	cuixas.js		263,367	12-Feb-2014	03:16
dynamicgridcontent.asmx	dynamicgridcontent.asmx	dynamicgridcontent.json		313	12-Feb-2008
ewabrowsercompat.js	ewabrowsercompat.js		6,565	05-Nov-2009	11:47
ewachart.png			91,313	29-Mar-2011	11:15
ewacmdui.xml	ewacmdui.xml		116,740	30-Mar-2011	03:13
ewainternalwebservice.asmx	ewainternalwebservice.asmx	ewainternalwebservice.json		322	12-Feb-2008
ewamenu.js	ewamenu.js		41,074	13-Aug-2015	02:48
ewamoss.js	ewamoss.js		786,371	09-Jan-2013	11:36
ewanewwpctrl.ascx	excelwebrenderernewwebpartcontrol.ascx		2,202	15-Jun-2009	01:07
ewaparameterstaskpane.ascx	ewaparameterstaskpane.ascx		1,511	28-Sep-2009	09:29
ewareadmodetoolbar.ascx	ewareadmodetoolbar.ascx		3,963	30-Mar-2011	03:13
ewastringshandler.ashx	ewastringshandler.ashx		317	22-Nov-2012	08:59
ewrdynamicimageprovider.aspx	dynamicimageprovider.aspx		433	02-Jun-2009	11:56
ewrdynamicslicerprovider.aspx	dynamicslicerprovider.aspx		529	02-Jun-2009	11:56
ewrtreeview.js	ewrtreeview.js		19,012	15-Jun-2009	01:08
ewrxlfilehandler.aspx	xlfilehandler.aspx		421	02-Jun-2009	11:56
ewrxlviewer.aspx	xlviewer.aspx		9,316	30-Mar-2011	03:17
ewrxlviewerinternal.aspx	xlviewerinternal.aspx		13,540	30-Mar-2011	03:17
excelrest.aspx	excelrest.aspx		923	20-Mar-2009	02:02
excelservercreateapplication.aspx	excelservercreateapplication.aspx		5,364	04-Sep-2009	05:03
excelserversafedataprovider.aspx	excelserversafedataprovider.aspx		6,188	20-Sep-2008	08:29
excelserversafedataproviders.aspx	excelserversafedataproviders.aspx		5,219	20-Sep-2008	08:29
excelserversettings.aspx	excelserversettings.aspx		10,724	21-Apr-2009	11:42
excelservertrusteddcl.aspx	excelservertrusteddcl.aspx		5,753	20-Jan-2009	03:23
excelservertrusteddcls.aspx	excelservertrusteddcls.aspx		5,196	20-Sep-2008	08:30
excelservertrustedlocation.aspx	excelservertrustedlocation.aspx		11,928	04-Sep-2009	05:03
excelservertrustedlocations.aspx	excelservertrustedlocations.aspx		5,213	20-Sep-2008	08:30
excelserveruserdefinedfunction.aspx	excelserveruserdefinedfunction.aspx		6,048	20-Jan-2009	03:24
excelserveruserdefinedfunctions.aspx	excelserveruserdefinedfunctions.aspx		5,229	20-Sep-2008	08:30
excelservicedisco.aspx	excelservicedisco.aspx		1,401	21-Feb-2008	11:53
excelservicesadmin.aspx	excelservicesadmin.aspx		5,861	20-Jan-2009	03:24
excelservicewsdl.aspx	excelservicewsdl.aspx		58,456	15-Jun-2009	01:06
excelwebrenderer.ascx	excelwebrenderer.ascx		4,877	30-Mar-2011	03:13
inputformexcelserversetting.ascx	inputformexcelserversetting.ascx		2,777	21-Feb-2008	11:42
mewadynamicimageprovider.aspx	dynamicimageprovider.aspx		433	02-Jun-2009	11:56
microsoft.office.excel.webui.internal.dll	microsoft.office.excel.webui.internal.dll	14.0.7006.1000	641,640	22-Nov-2012	09:18
microsoft.office.excel.webui.mobile.dll	microsoft.office.excel.webui.mobile.dll	14.0.7160.5000	114,760	16-Sep-2015	12:15
slicerrenderer.ascx	slicerrenderercontrol.ascx		7,687	05-Nov-2009	11:44
xlsrv.dll	xlsrv.dll	14.0.7168.5000	14,663,400	17-Mar-2016	11:47
xlsrvintl.dll.1033	xlsrvintl.dll	14.0.7168.5000	115,456	17-Mar-2016	10:02

__

How to get help and support for this security update

Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support