Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB4486755
HistoryJan 12, 2021 - 8:00 a.m.

Description of the security update for Office 2016: January 12, 2021

2021-01-1208:00:00
Microsoft
support.microsoft.com
25
remote code execution
microsoft update
catalog
download center
aceoleb provider
file hash
security update

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.1

Confidence

High

EPSS

0.011

Percentile

84.9%

JSON

Description of the security update for Office 2016: January 12, 2021

Summary

This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2021-1711.

Note To apply this security update, you must have the release version of Office 2016 installed on the computer.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer (.msi)-based edition of Office 2016. It doesn’t apply to the Office 2016 Click-to-Run editions, such as Microsoft Office 365 Home (see What version of Office am I using?).

Improvements and fixes

This security update contains a fix for the following nonsecurity issue:

  • Applications that use the ACEOLEB provider might stop responding when they try to open a connection.

How to get and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the standalone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the standalone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

More information

Security update deployment information

For deployment information about this update, see security update deployment information: January 12, 2021.

Security update replacement information

This security update replaces previously released security update 4484508.

File hash information

File name SHA1 hash SHA256 hash
ace2016-kb4486755-fullfile-x86-glb.exe 8185B59236CFF63969E60CA8B2451B3E5CE90880 931131A4F591D150928205CF6F81882E5CA6EC9860F163C2CC5F47F20B51C0A0
ace2016-kb4486755-fullfile-x64-glb.exe EC8E449D0C9A8F8EF7DECAE040F8609DA9B53D31 06ADCD688D17563AE2CD228C2CA7D40953F242D98AE18CECD7ADE9182D9EDDF4

File informationThe English (United States) version of this software update installs files that have the attributes that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

__

For all supported x86-based versions of Office 2016

File identifier File name File version File size Date Time
acecore.dll acecore.dll 16.0.5110.1000 1700232 16-Dec-20 08:12
acacedao.dll acedao.dll 16.0.5095.1000 448496 15-Dec-20 06:26
acedao.dll acedao.dll 16.0.5095.1000 448496 15-Dec-20 06:26
aceerr.dll aceerr.dll 16.0.5095.1000 50088 15-Dec-20 06:26
acees.dll acees.dll 16.0.5095.1000 676312 15-Dec-20 06:26
aceexch.dll aceexch.dll 16.0.5095.1000 203200 15-Dec-20 06:26
aceexcl.dll aceexcl.dll 16.0.5095.1000 414120 15-Dec-20 06:26
aceodbc.dll aceodbc.dll 16.0.5095.1000 300008 15-Dec-20 06:26
aceoddbs.dll aceoddbs.dll 16.0.4684.1000 26472 15-Dec-20 06:26
aceoledb.dll aceoledb.dll 16.0.5095.1000 340416 15-Dec-20 06:26
acetxt.dll acetxt.dll 16.0.5095.1000 175016 15-Dec-20 06:26
acexbe.dll acexbe.dll 16.0.5095.1000 267688 15-Dec-20 06:26
expsrv.dll expsrv.dll 7.1.1104 333192 15-Dec-20 09:22
vbajet32.dll vbajet32.dll 7.1.1104 17800 15-Dec-20 09:22

__

For all supported x64-based versions of Office 2016

File identifier File name File version File size Date Time
acecore.dll acecore.dll 16.0.5110.1000 2292616 16-Dec-20 08:12
acacedao.dll acedao.dll 16.0.5095.1000 606192 15-Dec-20 06:48
acedao.dll acedao.dll 16.0.5095.1000 606192 15-Dec-20 06:48
acees.dll acees.dll 16.0.5095.1000 906192 15-Dec-20 06:48
aceexch.dll aceexch.dll 16.0.4759.1000 259480 15-Dec-20 06:48
aceexcl.dll aceexcl.dll 16.0.5095.1000 545696 15-Dec-20 06:48
aceodbc.dll aceodbc.dll 16.0.4999.1000 352624 15-Dec-20 06:48
aceoddbs.dll aceoddbs.dll 16.0.4513.1000 28536 15-Dec-20 06:48
aceoledb.dll aceoledb.dll 16.0.5083.1000 441264 15-Dec-20 06:48
acetxt.dll acetxt.dll 16.0.4996.1000 213912 15-Dec-20 06:48
acexbe.dll acexbe.dll 16.0.4831.1000 326544 15-Dec-20 06:48
expsrv.dll expsrv.dll 7.1.1104 503672 15-Dec-20 09:16
vbajet32.dll vbajet32.dll 7.1.1104 20872 15-Dec-20 09:16

Information about protection and securityProtect yourself online: Windows Security supportLearn how we guard against cyber threats: Microsoft Security

Related

nvd 1
openvas 3
mskb 2
cve 1
mscve 1
prion 1
cvelist 1
nessus 2
kaspersky 1
rapid7blog 1
nvd
nvd
CVE-2021-1711
2021-01-12 20:15:34
openvas
openvas
Microsoft Office Remote Code Execution Vulnerability (KB4486762)
2021-01-13 00:00:00
Microsoft Office 2016 Remote Code Execution Vulnerability (KB4486755)
2021-01-13 00:00:00
Microsoft Office 2010 Service Pack 2 Remote Code Execution Vulnerability (KB4493143)
2021-01-13 00:00:00
mskb
mskb
Description of the security update for Office 2010: January 12, 2021
2021-01-12 08:00:00
Description of the security update for Office 2013: January 12, 2021
2021-01-12 08:00:00
cve
cve
CVE-2021-1711
2021-01-12 20:15:34
mscve
mscve
Microsoft Office Remote Code Execution Vulnerability
2021-01-12 08:00:00
prion
prion
Remote code execution
2021-01-12 20:15:00
cvelist
cvelist
CVE-2021-1711 Microsoft Office Remote Code Execution Vulnerability
2021-01-12 19:42:41
nessus
nessus
Security Updates for Microsoft Office Products C2R (January 2021)
2022-06-10 00:00:00
Security Updates for Microsoft Office Products (January 2021)
2021-01-12 00:00:00
kaspersky
kaspersky
KLA12042 Multiple vulnerabilities in Microsoft Office
2021-01-12 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - January 2021
2021-01-12 23:59:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.1

Confidence

High

EPSS

0.011

Percentile

84.9%

JSON
Related for KB4486755
nvd1openvas3mskb2cve1mscve1prion1cvelist1nessus2kaspersky1rapid7blog1