Description of the security update for SharePoint Server 2010 Excel Web App: October 13, 2020

Summary

This security update resolves a remote code execution vulnerability that exists in Microsoft Excel if the software does not correctly handle objects in memory. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2020-16929.

Note To apply this security update, you must have the release version of Service Pack 2 for SharePoint Server 2010 Office Web Apps installed on the computer.

How to get and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the standalone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the standalone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

• Download security update 4462175 for the 64-bit version of SharePoint Server 2010 Excel Web App

More information

Security update deployment information

For deployment information about this update, see security update deployment information: October 13, 2020.

Security update replacement information

This security update replaces previously released security update 3101522.

File hash information

File name	SHA1 hash	SHA256 hash
xlwac2010-kb4462175-fullfile-x64-glb.exe	65A5ADA714D6FDB620F9265A7E4A624B8EABC1F0	7C2749D46524F9AFA98DD8A31C1C1790075C9A7270D067152758F284B227CC0F

File informationThe English (United States) version of this software update installs files that have the attributes that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

__

For all supported x64-based versions of SharePoint Server 2010 Excel Web App

File identifier	File name	File version	File size	Date	Time
cuixas.js	cuixas.js		263,367	07-Jan-2014	03:02
dynamicgridcontent.asmx	dynamicgridcontent.asmx	dynamicgridcontent.json		313	12-Feb-2008
ewabrowsercompat.js	ewabrowsercompat.js		6,565	05-Nov-2009	11:47
ewachart.png			91,313	08-Dec-2010	04:43
ewacmdui.xml	ewacmdui.xml		116,740	08-Dec-2010	08:28
ewainternalwebservice.asmx	ewainternalwebservice.asmx	ewainternalwebservice.json		322	12-Feb-2008
ewamenu.js	ewamenu.js		41,074	13-Aug-2015	02:48
ewamoss.js	ewamoss.js		786,371	15-Mar-2017	03:05
ewanewwpctrl.ascx	excelwebrenderernewwebpartcontrol.ascx		2,202	15-Jun-2009	01:07
ewaparameterstaskpane.ascx	ewaparameterstaskpane.ascx		1,511	28-Sep-2009	09:29
ewareadmodetoolbar.ascx	ewareadmodetoolbar.ascx		3,963	08-Dec-2010	08:28
ewastringshandler.ashx	ewastringshandler.ashx		317	22-Nov-2012	08:59
ewrdynamicimageprovider.aspx	dynamicimageprovider.aspx		433	02-Jun-2009	11:56
ewrdynamicslicerprovider.aspx	dynamicslicerprovider.aspx		529	02-Jun-2009	11:56
ewrtreeview.js	ewrtreeview.js		19,012	15-Jun-2009	01:08
ewrxlfilehandler.aspx	xlfilehandler.aspx		421	02-Jun-2009	11:56
ewrxlviewer.aspx	xlviewer.aspx		9,316	08-Dec-2010	08:32
ewrxlviewerinternal.aspx	xlviewerinternal.aspx		13,540	08-Dec-2010	08:32
excelservercreateapplication.aspx	excelservercreateapplication.aspx		5,364	04-Sep-2009	05:03
excelserversafedataprovider.aspx	excelserversafedataprovider.aspx		6,188	20-Sep-2008	08:29
excelserversafedataproviders.aspx	excelserversafedataproviders.aspx		5,219	20-Sep-2008	08:29
excelserversettings.aspx	excelserversettings.aspx		10,724	21-Apr-2009	11:42
excelservertrusteddcl.aspx	excelservertrusteddcl.aspx		5,753	20-Jan-2009	03:23
excelservertrusteddcls.aspx	excelservertrusteddcls.aspx		5,196	20-Sep-2008	08:30
excelservertrustedlocation.aspx	excelservertrustedlocation.aspx		11,928	04-Sep-2009	05:03
excelservertrustedlocations.aspx	excelservertrustedlocations.aspx		5,213	20-Sep-2008	08:30
excelserveruserdefinedfunction.aspx	excelserveruserdefinedfunction.aspx		6,048	20-Jan-2009	03:24
excelserveruserdefinedfunctions.aspx	excelserveruserdefinedfunctions.aspx		5,229	20-Sep-2008	08:30
excelservicesadmin.aspx	excelservicesadmin.aspx		5,861	20-Jan-2009	03:24
excelwebrenderer.ascx	excelwebrenderer.ascx		4,877	08-Dec-2010	08:28
inputformexcelserversetting.ascx	inputformexcelserversetting.ascx		2,777	21-Feb-2008	11:42
mewadynamicimageprovider.aspx	dynamicimageprovider.aspx		433	02-Jun-2009	11:56
microsoft.office.excel.webui.internal.dll	microsoft.office.excel.webui.internal.dll	14.0.7006.1000	641,640	22-Nov-2012	09:18
microsoft.office.excel.webui.mobile.dll	microsoft.office.excel.webui.mobile.dll	14.0.7160.5000	114,760	16-Sep-2015	12:15
slicerrenderer.ascx	slicerrenderercontrol.ascx		7,687	05-Nov-2009	11:44
xlsrv.dll	xlsrv.dll	14.0.7261.5000	14,676,128	18-Sep-2020	05:49
xlsrvintl.dll.1033	xlsrvintl.dll	14.0.7261.5000	115,384	15-Sep-2020	11:45

Information about protection and securityProtect yourself online: Windows Security supportLearn how we guard against cyber threats: Microsoft Security