Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

MS15-013: Vulnerability in Microsoft Office could allow security bypass: February 10, 2015


View products that this article applies to.

Introduction

This security update resolves vulnerabilities that could allow security feature bypass if a specially crafted file is opened in an affected edition of Microsoft Office.

↑ Back to the top


Summary

Microsoft has released security bulletin MS15-013. Learn more about how to obtain the fixes included in this security bulletin:

↑ Back to the top


How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

↑ Back to the top


Security update deployment information

Microsoft Office 2007 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor Microsoft Office 2007:
otkruntimertl2007-kb2920795-fullfile-x86-glb.exe
Installation switchesSee Microsoft Knowledge Base Article 912203
Restart requirementIn some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.

To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons that you may be prompted to restart, see Microsoft Knowledge Base Article 887012.
Removal informationUse the Add or Remove Programs item in Control Panel.
File informationSee Microsoft Knowledge Base Article 2920795
Registry key verificationNot applicable

Microsoft Office 2010 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor Microsoft Office 2010 (32-bit editions):
otkruntimertl2010-kb2920748-fullfile-x86-glb.exe
For Microsoft Office 2010 (64-bit editions):
otkruntimertl2010-kb2920748-fullfile-x64-glb.exe
Installation switchesSee Microsoft Knowledge Base Article 912203
Restart requirementIn some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.

To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons that you may be prompted to restart, see Microsoft Knowledge Base Article 887012.
Removal informationUse Add or Remove Programs item in Control Panel.
File informationSee Microsoft Knowledge Base Article 2920748,
Registry key verificationNot applicable

Microsoft Office 2013 (all editions)

Reference Table

The following table contains the security update information for this software.
Security update file nameFor supported editions of Microsoft Office 2013 (32-bit editions):
otkruntimertl2013-kb2910941-fullfile-x86-glb.exe
For supported editions of Microsoft Office 2013 (64-bit editions):
otkruntimertl2013-kb2910941-fullfile-x64-glb.exe
Installation switchesSee Microsoft Knowledge Base Article 912203
Restart requirementIn some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart.

To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons that you may be prompted to restart, see Microsoft Knowledge Base Article 887012.
Removal informationUse Add or Remove Programs item in Control Panel.
File informationSee Microsoft Knowledge Base Article 2910941
Registry key verificationNot applicable

More information about this security update

Known issues and additional information about this security update

The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed below each article link.
  • 2910941 MS15-013: Description of the security update for Microsoft Office 2013: February 10, 2015
  • 2920748 MS15-013: Description of the security update for Microsoft Office 2010: February 10, 2015
  • 2920795 MS15-013: Description of the security update for the 2007 Microsoft Office suite: February 10, 2015

↑ Back to the top


File hash information
File nameSHA1 hashSHA256 hash
otkruntimertl2007-kb2920795-fullfile-x86-glb.exeBABDECACF21EE35A0C73397EC11051F08415B4F3C14342EE1F8FB6D0C429E5014C5F7854EDFE54DDD2FF18E612A5AB53B0E9A9B9
otkruntimertl2007-kb2920795-fullfile-x86-glb.exe9E423B72F91C60335E3316F3BB70679DF1B3CE09CCCCDBFC7326E8A8138ED318E730132B7CFD22631608E6AFD9D2C73D3871027C
otkruntimertl2010-kb2920748-fullfile-x64-glb.exeD374FF2E5FF4677DD8D29DE5EDE08B64D96D33F57EC87AE97B5BF1F37164C2E7E54CB46E2A4A86A9DF8C0677B1081E8EF1269A4B
otkruntimertl2010-kb2920748-fullfile-x86-glb.exe26A1635839A3960E7611768CD9C5139EDC3E648FBB21077781212F904E1C533889DF63547BCE38AAAF52315E8064029F311C946A
otkruntimertl2013-kb2910941-fullfile-x64-glb.exeFD86BEA70D02666211D2AD45DB9E81C61AC0CFB1DB593E4BBFFBFA159D573230FF936FB1B075ADDA1E6648E52DD06C4F966EB059
otkruntimertl2013-kb2910941-fullfile-x86-glb.exe233520BEEB181A87FC92F00EF8046D849FF137F526F788E2D4E1C680459C06687A8BD20EF433768F162BB21ED747B3C0D3221953

↑ Back to the top


Keywords: kb, kbsecvulnerability, kbsecurity, kbsecreview, kbsecbulletin, kbmustloc, kblangall, kbfix, kbexpertiseinter, kbbug, atdownload

↑ Back to the top

Article Info
Article ID : 3033857
Revision : 1
Created on : 1/7/2017
Published on : 2/10/2015
Exists online : False
Views : 265