Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

XL2000: Update Available for the Excel 2000 SR-1 REGISTER.ID Function Vulnerability


View products that this article applies to.

This article was previously published under Q269252

↑ Back to the top


Summary

Microsoft has released an update that eliminates a security vulnerability in Microsoft Excel 2000. This update, the Microsoft Excel 2000 SR-1 REGISTER.ID Function Update, eliminates a security vulnerability that could allow certain types of executables to be run without a warning to the user.

To prevent unsafe macros from running, this update disables the REGISTER.ID worksheet function.

For additional information about the latest service pack for Microsoft Office 2000, click the article number below to view the article in the Microsoft Knowledge Base:
276367� OFF2000: How to Obtain the Latest Office 2000 Service Pack
To correct this problem, download and install the latest update for Excel 2000. The latest update includes this and all other Excel-specific updates that have been released since the latest service release (SR) of Office. The files included in this update will be included in any later SR or update. To upgrade to the latest Excel update or for more information about the history of Excel 2000 updates, please click the article number below to view the article in the Microsoft Knowledge Base:
269356� XL2000: Overview and History of Excel 2000 Updates
NOTE: To use the Excel 2000 SR-1 REGISTER.ID Function Update, you must first install Office 2000 SR-1 or Office 2000 Service Release 1a (SR-1a).

System administrators can find additional information and the administrator version of this update at the following Microsoft Web site: To learn more about the Excel 2000 SR-1 REGISTER.ID Function Update, please see the Microsoft Security Bulletin MS00-051.

NOTE: This update includes only the Excel 2000 fix that is included with the Excel 2000 and PowerPoint 2000 HTML Script Vulnerability Update, but it does not include the PowerPoint 2000 fix. Therefore, if you have not yet applied the Administrative Update for the Excel 2000 and PowerPoint 2000 HTML Script Vulnerability Update to your administrative installation and to your network clients, please apply that update after you apply the Excel 2000 SR-1 Register.ID Function Vulnerability Update. For additional information about the Excel 2000 and PowerPoint 2000 HTML Script Vulnerability Update, click the article numbers below to view the articles in the Microsoft Knowledge Base:
268654� OFF2000: Administrative Update Available for HTML Script Vulnerability
268365� XL2000: Update Available for HTML Script Vulnerability
268457� PPT2000: Update Available for HTML Script Vulnerability

↑ Back to the top


More information

How to Download and Install the Update

IMPORTANT:

To install the update, you must have access to your original Excel or Office compact disc. (One exception is if you installed from a "flat copy" of the compact disc stored on a network server. A "flat copy" is not the same as an administrative installation.)If you installed from a network administrative installation to your workstation, you should contact your administrator about obtaining this update. Do not attempt to apply this update to your workstation. For additional information about applying this update to an administrative installation, click the article number below to view the article in the Microsoft Knowledge Base:
269267� XL2000: Administrative Update Available for the Excel 2000 SR-1 REGISTER.ID Function Vulnerability
Quit all running programs, including Microsoft Office, Microsoft Project, and the Microsoft Office Shortcut Bar, before you begin the installation.
Follow these steps to download and install the update:
  1. Using your Web browser go to the following Web site:
  2. Click Download Now!. Click Save this program to disk, and then click OK.
  3. Click Save to save the Xl9p3pkg.exe file to the selected folder.
  4. In Windows Explorer, double-click xl9p3pkg.exe.
  5. If you are prompted to install the update, click Yes.
  6. Click Yes to accept the License Agreement.
  7. Insert the Office 2000 compact disc when you are prompted to do so, and then click OK.
  8. When you receive a message indicating installation was successful, click OK.

Files Contained in the Xl9p3pkg.exe Download

If you download Xl9p3pkg.exe and manually extract the files by using a command line similar to this
C:\Downloads\xl9p3pkg.exe /c /t:C:\xl9p3pkg
the following files will be listed in the C:\xl9p3pkg folder:
ohotfix9.exe
OQFE7797_Client.msp
Readme.txt

How to Verify That the Update Is Successful

To verify whether the installation of the update was successful, check that the last four digits of the version of the Excel.exe file on your system is equal to or later than 4317. By default, Excel.exe is in the following location on your computer:
C:\Program Files\Microsoft Office\Office
To check the last four digits, follow these steps:
  1. Click Start, point to Programs, and then click Windows Explorer.
  2. In Windows Explorer, right-click the file and then click Properties on the shortcut menu.
  3. Click the Version tab.

How to Get an Update Log File

By default, the Microsoft Excel 2000 SR-1 REGISTER.ID Function Update creates a log file during installation. The log file is created in your \Temp\OfficeHotFix folder and has a name similar to the following:
Office 2000 SR-1 Hotfix(0001)_MsiExec.log

↑ Back to the top


References

For additional information, click the article numbers below to view the articles in the Microsoft Knowledge Base:
266134� OFF2000: Overview and History of Office 2000 Updates
248710� OFF97: Overview and History of Office 97 Patches
269267� XL2000: Administrative Update Available for the Excel 2000 SR-1 REGISTER.ID Function Vulnerability
269356� XL2000: Overview and History of Excel 2000 Updates

↑ Back to the top


Keywords: KB269252, kboffice2000sp2fix, kboffice2000presp2fix, kbinfo, kbdownload

↑ Back to the top

Article Info
Article ID : 269252
Revision : 8
Created on : 6/27/2007
Published on : 6/27/2007
Exists online : False
Views : 485