Lucene search

K
mskbMicrosoftKB3141538
HistoryApr 11, 2017 - 7:00 a.m.

Description of the security update for Office 2010: April 11, 2017

2017-04-1107:00:00
Microsoft
support.microsoft.com
889

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

Description of the security update for Office 2010: April 11, 2017

Summary

This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2017-0199.

This security update disables certain graphics filters. For more information, see the following article:

  • 2479871 Security settings for graphic filters for Microsoft Office 2013, Microsoft Office 2010, the 2007 Microsoft Office system, Microsoft Office 2003, and Microsoft Office XP
    Note To apply this security update, you must have the release version of Service Pack 2 for Office 2010 installed on the computer.

Deployment information

For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:
Security update deployment information: April 11, 2017

How to get and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.


More Information

Security update replacement information

This security update replaces previously released security update 3118380.

File hash information

Package name Package hash SHA 1 Package hash SHA 2
mso2010-kb3141538-fullfile-x86-glb.exe 3D773BC7D79FE8A42F6C0D67CC57848A38C35F14 D6AA2C80C9DF9DF1EDB5BD63E6E9CCFD0F949DB15206D5C39905A3C6BF54889D
mso2010-kb3141538-fullfile-x64-glb.exe CB62006B5560F32DC11C04F1ED4C2E1392F6B435 3AB372BAD692403500076A3F262FC4854F5A0ACE007ED09B1BD7327B179973FB

File informationThe English version of this security update has the file attributes (or later file attributes) that are listed in the following table.
For all supported x86-based versions of Office 2010| File identifier| File name| File version| File size| Date| Time
—|—|—|—|—|—
mso.dll.x86| mso.dll| 14.0.7180.5002| 18,441,472| 02-Apr-2017| 7:46

For all supported x64-based versions of Office 2010File identifier File name File version File size Date Time
mso.dll.x64 mso.dll 14.0.7180.5002 24,343,808 02-Apr-2017 7:58
mso.dll.x86 mso.dll 14.0.7180.5002 18,441,472 02-Apr-2017 7:46

How to get help and support for this security update

Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

Propose a feature or provide feedback on Office Core: Office User Voice portal


7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%