Lucene search

K
mskbMicrosoftKB4484531
HistoryOct 13, 2020 - 7:00 a.m.

Description of the security update for SharePoint Server 2010: October 13, 2020

2020-10-1307:00:00
Microsoft
support.microsoft.com
21

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.1 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

Description of the security update for SharePoint Server 2010: October 13, 2020

Summary

This security update resolves a remote code execution vulnerability that exists in Microsoft Excel if the software does not correctly handle objects in memory. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2020-16929.

Note To apply this security update, you must have the release version of Service Pack 2 for Microsoft SharePoint Server 2010 installed on the computer.

How to get and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the standalone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the standalone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

More information

Security update deployment information

For deployment information about this update, see security update deployment information: October 13, 2020.

Security update replacement information

This security update replaces previously released security update 4484191.

File hash information

File name SHA1 hash SHA256 hash
xlsrv2010-kb4484531-fullfile-x64-glb.exe B7253DCE4335CA556B715C1ABA0C470B6C6EA1E1 674D6140A1C6AEADD06221A417799139920589DD2B54D6600B27769D52C22F00

File informationThe English (United States) version of this software update installs files that have the attributes that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

__

For all supported x64-based versions of SharePoint Server 2010

File identifier File name File version File size Date Time
cuixas.js cuixas.js 263,367 07-Jan-2014 03:02
dynamicgridcontent.asmx dynamicgridcontent.asmx dynamicgridcontent.json 313 12-Feb-2008
ewabrowsercompat.js ewabrowsercompat.js 6,565 05-Nov-2009 11:47
ewachart.png 91,313 08-Dec-2010 04:43
ewacmdui.xml ewacmdui.xml 116,740 08-Dec-2010 08:28
ewainternalwebservice.asmx ewainternalwebservice.asmx ewainternalwebservice.json 322 12-Feb-2008
ewamenu.js ewamenu.js 41,074 13-Aug-2015 02:48
ewamoss.js ewamoss.js 786,371 15-Mar-2017 03:05
ewanewwpctrl.ascx excelwebrenderernewwebpartcontrol.ascx 2,202 15-Jun-2009 01:07
ewaparameterstaskpane.ascx ewaparameterstaskpane.ascx 1,511 28-Sep-2009 09:29
ewareadmodetoolbar.ascx ewareadmodetoolbar.ascx 3,963 08-Dec-2010 08:28
ewastringshandler.ashx ewastringshandler.ashx 317 22-Nov-2012 08:59
ewrdynamicimageprovider.aspx dynamicimageprovider.aspx 433 02-Jun-2009 11:56
ewrdynamicslicerprovider.aspx dynamicslicerprovider.aspx 529 02-Jun-2009 11:56
ewrtreeview.js ewrtreeview.js 19,012 15-Jun-2009 01:08
ewrxlfilehandler.aspx xlfilehandler.aspx 421 02-Jun-2009 11:56
ewrxlviewer.aspx xlviewer.aspx 9,316 08-Dec-2010 08:32
ewrxlviewerinternal.aspx xlviewerinternal.aspx 13,540 08-Dec-2010 08:32
excelrest.aspx excelrest.aspx 923 20-Mar-2009 02:02
excelservercreateapplication.aspx excelservercreateapplication.aspx 5,364 04-Sep-2009 05:03
excelserversafedataprovider.aspx excelserversafedataprovider.aspx 6,188 20-Sep-2008 08:29
excelserversafedataproviders.aspx excelserversafedataproviders.aspx 5,219 20-Sep-2008 08:29
excelserversettings.aspx excelserversettings.aspx 10,724 21-Apr-2009 11:42
excelservertrusteddcl.aspx excelservertrusteddcl.aspx 5,753 20-Jan-2009 03:23
excelservertrusteddcls.aspx excelservertrusteddcls.aspx 5,196 20-Sep-2008 08:30
excelservertrustedlocation.aspx excelservertrustedlocation.aspx 11,928 04-Sep-2009 05:03
excelservertrustedlocations.aspx excelservertrustedlocations.aspx 5,213 20-Sep-2008 08:30
excelserveruserdefinedfunction.aspx excelserveruserdefinedfunction.aspx 6,048 20-Jan-2009 03:24
excelserveruserdefinedfunctions.aspx excelserveruserdefinedfunctions.aspx 5,229 20-Sep-2008 08:30
excelservicedisco.aspx excelservicedisco.aspx 1,401 21-Feb-2008 11:53
excelservicesadmin.aspx excelservicesadmin.aspx 5,861 20-Jan-2009 03:24
excelservicewsdl.aspx excelservicewsdl.aspx 58,456 15-Jun-2009 01:06
excelwebrenderer.ascx excelwebrenderer.ascx 4,877 08-Dec-2010 08:28
inputformexcelserversetting.ascx inputformexcelserversetting.ascx 2,777 21-Feb-2008 11:42
mewadynamicimageprovider.aspx dynamicimageprovider.aspx 433 02-Jun-2009 11:56
microsoft.office.excel.webui.internal.dll microsoft.office.excel.webui.internal.dll 14.0.7006.1000 641,640 22-Nov-2012 09:18
microsoft.office.excel.webui.mobile.dll microsoft.office.excel.webui.mobile.dll 14.0.7160.5000 114,760 16-Sep-2015 12:15
slicerrenderer.ascx slicerrenderercontrol.ascx 7,687 05-Nov-2009 11:44
xlsrv.dll xlsrv.dll 14.0.7261.5000 14,676,128 18-Sep-2020 05:49
xlsrvintl.dll.1033 xlsrvintl.dll 14.0.7261.5000 115,384 15-Sep-2020 11:45

Information about protection and securityProtect yourself online: Windows Security supportLearn how we guard against cyber threats: Microsoft Security

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.1 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P