Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB3213638
HistorySep 12, 2017 - 7:00 a.m.

Description of the security update for Office 2010: September 12, 2017

2017-09-1207:00:00
Microsoft
support.microsoft.com
60

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.592 Medium

EPSS

Percentile

97.7%

JSON

Description of the security update for Office 2010: September 12, 2017

Summary

This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2017-8676, Microsoft Common Vulnerabilities and Exposures CVE-2017-8682, and Microsoft Common Vulnerabilities and Exposures CVE-2017-8695.

Note To apply this security update, you must have the release version of Service Pack 2 for Office 2010 installed on the computer.Note This security update does not apply on systems running Windows Vista, Windows Server 2008, or later versions of Windows.

How to get and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

More Information

Security update deployment information

For deployment information about this update, see security update deployment information: September 12, 2017.

Security update replacement information

This security update doesn’t replace any previously released update.

File hash information

Package Name Package Hash SHA 1 Package Hash SHA 2
ogl2010-kb3213638-fullfile-x86-glb.exe 99102DB40319F4BFCC8211863422EBF99B34E0F3 105190E0182C4DD9B7FC0FEC61E8BA38C0A060DF176DE4EDD96F81354C474EF1
ogl2010-kb3213638-fullfile-x64-glb.exe 3786A8FB0E1E5884A055B4F5AB3E36B4D8FF81F1 C9C6DD21464D4755EFA089C6C753EEA4236AACA1FF2C71D31630C17F29B5BA18

File information

The English version of this security update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.For all supported x86-based versions of Office 2010| File identifier| File name| File version| File size| Date| Time
—|—|—|—|—|—
ogl.dll| ogl.dll| 14.0.7188.5000| 1,601,760| 26-Aug-2017| 01:04

For all supported x64-based versions of Office 2010File identifier File name File version File size Date Time
ogl.dll ogl.dll 14.0.7188.5000 2,116,312 26-Aug-2017 01:01
ogl.dll.x86 ogl.dll 14.0.7188.5000 1,601,760 26-Aug-2017 01:04

How to get help and support for this security update

Help for installing updates: Windows Update FAQSecurity solutions for IT professionals: Security Support and TroubleshootingHelp for protecting your Windows-based computer from viruses and malware: Microsoft SecureLocal support according to your country: International SupportPropose a feature or provide feedback on Office: Office User Voice portal

Related

openvas 16
mskb 21
nessus 12
mscve 3
checkpoint_advisories 1
symantec 3
zdi 1
zdt 1
prion 4
cve 4
kaspersky 3
talosblog 1
trendmicroblog 1
openvas
openvas
Microsoft Office Word Viewer Multiple Vulnerabilities (KB4011134)
2017-09-14 00:00:00
Microsoft Office 2010 Service Pack 2 Multiple Vulnerabilities (KB3213638)
2017-09-13 00:00:00
Microsoft Office Multiple Vulnerabilities (KB3213641)
2017-09-13 00:00:00
mskb
mskb
Description of the security update for 2007 Microsoft Office Suite: September 12, 2017
2017-09-12 07:00:00
Description of the security update for Word Viewer: September 12, 2017
2017-09-12 07:00:00
Description of the security update for Lync 2010 Attendee (user level install): September 12, 2017
2017-09-12 07:00:00
nessus
nessus
Security Updates for Microsoft Office Viewers (September 2017)
2017-09-12 00:00:00
Security Updates for Microsoft Skype for Business and Microsoft Lync and Microsoft Live Meeting (September 2017)
2017-09-12 00:00:00
Security Updates for Microsoft Office Products (September 2017)
2017-09-12 00:00:00
mscve
mscve
Win32k Graphics Remote Code Execution Vulnerability
2017-09-12 07:00:00
Windows GDI+ Information Disclosure Vulnerability
2017-09-12 07:00:00
Windows Uniscribe Information Disclosure Vulnerability
2017-09-12 07:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Win32k Graphics Remote Code Execution (CVE-2017-8682)
2017-09-12 00:00:00
symantec
symantec
Microsoft Windows Graphics Component CVE-2017-8682 Remote Code Execution Vulnerability
2017-09-12 00:00:00
Microsoft Windows Graphics Device Interface CVE-2017-8676 Local Information Disclosure Vulnerability
2017-09-12 00:00:00
Microsoft Windows Graphics Component CVE-2017-8695 Information Disclosure Vulnerability
2017-09-12 00:00:00
zdi
zdi
Microsoft Windows Bitmap Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
2017-09-12 00:00:00
zdt
zdt
Microsoft Windows Kernel - win32k.sys TTF Font Processing - Out-of-Bounds Reads/Writes with Malforme
2017-09-18 00:00:00
prion
prion
Information disclosure
2017-09-13 01:29:00
Information disclosure
2017-09-13 01:29:00
Remote code execution
2017-09-13 01:29:00
cve
cve
CVE-2017-8695
2017-09-13 01:29:00
CVE-2017-8676
2017-09-13 01:29:00
CVE-2017-8682
2017-09-13 01:29:00
kaspersky
kaspersky
KLA11100 Multiple vulnerabilities in Microsoft Office
2017-09-12 00:00:00
KLA11899 Multiple vulnerabilities in Microsoft Products (ESU)
2017-09-12 00:00:00
KLA11099 Multiple vulnerabilities in Microsoft Windows
2017-09-12 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - September 2017
2017-09-12 15:41:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of September 11, 2017
2017-09-15 14:59:53

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.592 Medium

EPSS

Percentile

97.7%

JSON
Related for KB3213638
openvas16mskb21nessus12mscve3checkpoint_advisories1symantec3zdi1zdt1prion4cve4kaspersky3talosblog1trendmicroblog1