Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB3178703
HistoryApr 11, 2017 - 7:00 a.m.

Description of the security update for Office 2016: April 11, 2017

2017-04-1107:00:00
Microsoft
support.microsoft.com
290

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

99.9%

JSON

Description of the security update for Office 2016: April 11, 2017

Summary

This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2017-0199.

Note To apply this security update, you must have the release version of Office 2016 installed on the computer.

Deployment information

For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:
Security update deployment information: April 11, 2017

How to get and install the update

Method 1: Microsoft Update

This update is no longer available from Microsoft Update. It has been replaced by KB3213545.

Method 2: Microsoft Update Catalog

This update is no longer available from the Microsoft Update Catalog website. It has been replaced by KB3213545.

Method 3: Microsoft Download Center

You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

More Information

Security update replacement information

This security update does not replace any previously released security update.

File hash information

Package Name Package Hash SHA 1 Package Hash SHA 2
msodll302016-kb3178703-fullfile-x86-glb.exe FD0DB52C82A9D2435CA6D8A7D38761F8E369C6EF 26D6AFAD4646179B7174DD1A68D3CECF2F902C9BAEF88696288BCBCE67B525EE
msodll302016-kb3178703-fullfile-x64-glb.exe C3FEB473A4DC1CFA208D409B9B0D408748FD104E CC10E6FE3D7CAD045CBA1777B951260B654504F5033EC2535EAAF34CF492A0AC

File information

The English version of this security update has the file attributes (or later file attributes) that are listed in the following table.
For all supported x86-based versions of Office 2016| File identifier| File name| File version| File size| Date| Time
—|—|—|—|—|—
msointl30.dll.x86.2074| msointl30.dll| 16.0.4309.1000| 60608| 15-Mar-17| 08:26
msointl30.dll.x86.1054| msointl30.dll| 16.0.4483.1000| 80632| 15-Mar-17| 08:26
mso30win32client.dll| mso30win32client.dll| 16.0.4522.1000| 4748544| |
mso30win32client.dll.x64| mso30win32client.dll| 16.0.4522.1000| 4748544| 15-Mar-17| 08:12
msointl30.dll.x86.1033| msointl30.dll| 16.0.4309.1000| 59584| 14-Mar-17| 08:24
mso30win32client.dll.x86| mso30win32client.dll| 16.0.4522.1000| 3186944| 15-Mar-17| 08:14

For all supported x64-based versions of Office 2016File identifier File name File version File size Date Time
conversion.msoserver.msointl30_win32.dll_2074 msointl30_win32.dll 16.0.4309.1000 60608
msointl30.dll.x64.2074 msointl30.dll 16.0.4309.1000 60608 15-Mar-17 08:21
conversion.msoserver.msointl30_win32.dll_1054 msointl30_win32.dll 16.0.4483.1000 80640 15-Mar-17 08:21
msointl30.dll.x64.1054 msointl30.dll 16.0.4483.1000 80640 15-Mar-17 08:21
msointl30.dll.x86.2074 msointl30.dll 16.0.4309.1000 60608 15-Mar-17 08:26
msointl30.dll.x86.1054 msointl30.dll 16.0.4483.1000 80632 15-Mar-17 08:26
conversion.msoserver.msointl30_win32.dll_1033 msointl30_win32.dll 16.0.4309.1000 59584
msointl30.dll.x64.1033 msointl30.dll 16.0.4309.1000 59584 14-Mar-17 08:26
mso30win32client.dll mso30win32client.dll 16.0.4522.1000 4748544
mso30win32client.dll.x64 mso30win32client.dll 16.0.4522.1000 4748544 15-Mar-17 08:12
msointl30.dll.x86.1033 msointl30.dll 16.0.4309.1000 59584 14-Mar-17 08:24
mso30win32client.dll.x86 mso30win32client.dll 16.0.4522.1000 3186944 15-Mar-17 08:14

How to get help and support for this security update

Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

Propose a feature or provide feedback on Office Core: Office User Voice portal

Related

packetstorm 3
thn 7
myhack58 14
securelist 25
fireeye 16
zdt 4
exploitpack 2
openvas 8
threatpost 14
mskb 8
malwarebytes 9
talosblog 9
saint 3
metasploit 1
mscve 1
cisa_kev 1
checkpoint_advisories 1
attackerkb 1
nessus 6
cve 1
ics 6
hivepro 2
mssecure 2
seebug 2
cert 1
rapid7community 2
prion 1
exploitdb 3
avleonov 1
kaspersky 4
canvas 1
trellix 2
qualysblog 5
packetstorm
packetstorm
Microsoft Office Word Malicious Hta Execution
2017-04-24 00:00:00
Microsoft RTF Remote Code Execution
2017-04-19 00:00:00
Microsoft Word MTA Handler Remote Code Execution
2017-06-27 00:00:00
thn
thn
Not Just Criminals, But Governments Were Also Using MS Word 0-Day Exploit
2017-04-12 21:41:00
Petya Ransomware Spreading Rapidly Worldwide, Just Like WannaCry
2017-06-27 03:32:00
Indian-Made Mobile Spyware Targeted Human Rights Activist in Togo
2021-10-11 09:21:00
myhack58
myhack58
CVE-2017-0199: in-depth analysis of the Microsoft Office RTF vulnerability-vulnerability warning-the black bar safety net
2017-06-08 00:00:00
A newline character causes the Oscar vulnerability 0day(CVE-2017-8759)reproduction-latest Office the highest level of threat attack warning-vulnerability warning-the black bar safety net
2017-09-13 00:00:00
CVE-2017-0199: analysis Microsoft Office RTF vulnerability-vulnerability warning-the black bar safety net
2017-04-13 00:00:00
securelist
securelist
RevengeHotels: cybercrime targeting hotel front desks worldwide
2019-11-28 10:00:48
The BlueNoroff cryptocurrency hunt is still on
2022-01-13 09:00:23
APT Trends report Q3 2017
2017-11-14 09:41:27
fireeye
fireeye
CVE-2017-0199: In the Wild Attacks Leveraging HTA Handler
2017-04-11 13:30:00
CVE-2017-0199 Used as Zero Day to Distribute FINSPY Espionage Malware and LATENTBOT Cyber Crime Malware
2017-04-12 15:00:00
CVE-2017-0199 Used as Zero Day to Distribute FINSPY Espionage Malware and LATENTBOT Cyber Crime Malware
2017-04-12 11:00:00
zdt
zdt
Microsoft Word - .RTF Remote Code Execution Exploit
2017-04-19 00:00:00
Microsoft Office / WordPad Remote Code Execution Vulnerability
2017-04-16 00:00:00
Microsoft Excel - OLE Arbitrary Code Execution Exploit
2017-10-18 00:00:00
exploitpack
exploitpack
Microsoft Word - .RTF Remote Code Execution
2017-04-18 00:00:00
Microsoft Office - Composite Moniker Remote Code Execution
2018-01-09 00:00:00
openvas
openvas
Microsoft Office Suite Remote Code Execution Vulnerability (KB3178703)
2017-04-12 00:00:00
Microsoft Office Suite Remote Code Execution Vulnerability (KB3141529)
2017-04-12 00:00:00
Microsoft Office Suite Remote Code Execution Vulnerability (KB3141538)
2017-04-12 00:00:00
threatpost
threatpost
Stealthy Malware Hidden in Images Takes to GoogleUserContent
2018-07-19 19:29:29
APT36 Taps Coronavirus as 'Golden Opportunity' to Spread Crimson RAT
2020-03-17 15:07:38
Ramsay Malware Targets Air-Gapped Networks
2020-05-13 15:56:34
mskb
mskb
Description of the security update for Office 2013: April 11, 2017
2017-04-11 07:00:00
Description of the security update for Office 2010: April 11, 2017
2017-04-11 07:00:00
Description of the security update for 2007 Microsoft Office Suite: April 11, 2017
2017-04-11 07:00:00
malwarebytes
malwarebytes
Fake IRS notice delivers customized spying tool
2017-09-21 15:00:24
APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT
2020-03-16 15:00:00
Magecart Group 4: A link with Cobalt Group?
2019-10-03 15:00:00
talosblog
talosblog
New campaign uses government, union-themed lures to deliver Cobalt Strike beacons
2022-09-28 12:12:00
JhoneRAT: Cloud based python RAT targeting Middle Eastern countries
2020-01-19 02:58:29
Threat Round Up For Sept 8 - Sept 15
2017-09-15 13:10:00
saint
saint
Microsoft Word and WordPad RTF HTA handler command execution
2017-04-20 00:00:00
Microsoft Word and WordPad RTF HTA handler command execution
2017-04-20 00:00:00
Microsoft Word and WordPad RTF HTA handler command execution
2017-04-20 00:00:00
metasploit
metasploit
Microsoft Office Word Malicious Hta Execution
2017-04-15 02:32:48
mscve
mscve
Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows
2017-04-11 07:00:00
cisa_kev
cisa_kev
Microsoft Office and WordPad Remote Code Execution Vulnerability
2021-11-03 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Outlook Remote Code Execution (CVE-2017-0199)
2017-04-11 00:00:00
attackerkb
attackerkb
CVE-2017-0199
2017-04-12 00:00:00
nessus
nessus
KB4014793: Microsoft Wordpad Remote Code Execution vulnerability (April 2017)
2017-10-20 00:00:00
MS17-010: Security Update for Microsoft Windows SMB Server (4013389) (ETERNALBLUE) (ETERNALCHAMPION) (ETERNALROMANCE) (ETERNALSYNERGY) (WannaCry) (EternalRocks) (Petya) (uncredentialed check)
2017-03-20 00:00:00
Security Update for Microsoft Office Products (April 2017) (Petya)
2017-04-12 00:00:00
cve
cve
CVE-2017-0199
2017-04-12 14:59:00
ics
ics
Dridex Malware
2020-06-30 12:00:00
Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks
2022-02-24 12:00:00
Top 10 Routinely Exploited Vulnerabilities
2020-05-12 12:00:00
hivepro
hivepro
SnatchCrypto campaign carried out by North Korean APT 38 subsidiary BlueNoroff
2022-01-14 06:23:18
Actors, Threats and Vulnerabilities 08 to 14 May 2023
2023-05-16 06:27:25
mssecure
mssecure
Hawkeye Keylogger – Reborn v8: An in-depth campaign analysis
2018-07-11 18:50:14
Office 365 Advanced Threat Protection defense for corporate networks against recent Office exploit attacks
2017-11-21 13:46:01
seebug
seebug
Microsoft Office OLE2Link vulnerability (CVE-2017-0199)
2017-04-12 00:00:00
FireEye Uncovers CVE-2017-8759: Zero-Day Used in the Wild to Distribute FINSPY
2017-09-14 00:00:00
cert
cert
Microsoft OLE URL Moniker improperly handles remotely-linked HTA data
2017-04-10 00:00:00
rapid7community
rapid7community
Patch Tuesday - April 2017
2017-04-12 03:13:07
Metasploit Weekly Wrapup
2017-05-05 20:37:48
prion
prion
Remote code execution
2017-04-12 14:59:00
exploitdb
exploitdb
Microsoft Office Word - '.RTF' Malicious HTA Execution (Metasploit)
2017-04-25 00:00:00
Microsoft Word - '.RTF' Remote Code Execution
2017-04-18 00:00:00
Microsoft Office - 'Composite Moniker Remote Code Execution
2018-01-09 00:00:00
avleonov
avleonov
Petya the Great and why *they* don’t patch vulnerabilities
2017-06-29 21:29:50
kaspersky
kaspersky
KLA10995 Multiple arbitrary code execution vulnerabilities in Microsoft office
2016-09-09 00:00:00
KLA11024 Defense-in-Depth Update for Microsoft Office
2017-04-11 00:00:00
KLA11059 Multiple vulnerabilities in Microsoft Windows
2017-04-11 00:00:00
canvas
canvas
Immunity Canvas: OFFICE_WSDL
2017-09-13 01:29:00
trellix
trellix
The Tale of Two Exploits - Breaking Down CVE-2023-36884 and the Infection Chain
2023-08-24 00:00:00
The Tale of Two Exploits - Breaking Down CVE-2023-36884 and the Infection Chain
2023-08-24 00:00:00
qualysblog
qualysblog
Microsoft Fixes 45 Vulnerabilities with new Security Update Guide – says goodbye to Security Bulletins
2017-04-11 18:24:03
Top 19+ Vulnerability CVEs in Santa’s Dashboard Tracking
2019-12-27 18:01:22
Part 2: An In-Depth Look at the Latest Vulnerability Threat Landscape (Attackers’ Edition)
2023-07-18 13:38:53

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

99.9%

JSON
Related for KB3178703
packetstorm3thn7myhack5814securelist25fireeye16zdt4exploitpack2openvas8threatpost14mskb8malwarebytes9talosblog9saint3metasploit1mscve1cisa_kev1checkpoint_advisories1attackerkb1nessus6cve1ics6hivepro2mssecure2seebug2cert1rapid7community2prion1exploitdb3avleonov1kaspersky4canvas1trellix2qualysblog5