MS15-022: Description of the security update for the 2007 Microsoft Office system: March 10, 2015

This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if an attacker convinces a user to open or preview a specially crafted Microsoft Office document in an affected version of Office. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user.

Improvements and fixes

This update also contains a fix for the following nonsecurity issue:

Updates the 2007 Office system to work correctly with design changes that were made to the Microsoft Forms ActiveX Control (FM20.dll) shared component library. For more information, see the following Microsoft Knowledge Base article:

Microsoft has released security bulletin MS15-022. Learn more about how to obtain the fixes that are included in this security bulletin:

• For individual, small business, and organizational users, use the Windows automatic updating feature to install the fixes from Microsoft Update. To do this, see Get security updates automatically on the Microsoft Safety and Security Center website.
  
• For IT professionals, see Microsoft Security Bulletin MS15-022 on the Security TechCenter website.

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security support and troubleshooting

Help protect your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International support