Lucene search

K
mskbMicrosoftKB4011605
HistoryJan 09, 2018 - 12:00 a.m.

Description of the security update for Microsoft Office Compatibility Pack Service Pack 3: January 9, 2018

2018-01-0900:00:00
Microsoft
support.microsoft.com
27

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.197 Low

EPSS

Percentile

96.2%

Description of the security update for Microsoft Office Compatibility Pack Service Pack 3: January 9, 2018

Summary

This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2018-0796.

Note To apply this security update, you must have the release version of Service Pack 3 for the 2007 Microsoft Office Suite installed on the computer.

How to get and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

More Information

Security update deployment information

For deployment information about this update, see security update deployment information: January 9, 2018.

Security update replacement information

This security update replaces previously released security update KB 4011205.

File hash information

Package Name Package Hash SHA 1 Package Hash SHA 2
xlconv2007-kb4011605-fullfile-x86-glb.exe E9534AA1D66A133AE0CB676DE4A1B2106A42C2D0 54878609C2EFADE6F0EF6DE32BAF788F358976F45B84E2F7B9903118C7DCB1CE

File information

The English version of this security update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

For all supported x86-based versions of Microsoft Office Compatibility Pack Service Pack 3

File name File version File size Date Time Platform
Xlconv-x-none.xml Not applicable 30,733 14-Dec-2017 15:36 Not applicable
Xl12cnv.exe 12.0.6784.5000 15,164,096 14-Dec-2017 05:42 x86

How to get help and support for this security update

Help for installing updates: Windows Update FAQ

Security solutions for IT professionals: Security Support and Troubleshooting

Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure

Local support according to your country: International SupportPropose a feature or provide feedback on Office Core: Office User Voice portal

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.197 Low

EPSS

Percentile

96.2%