MS15-033: Vulnerabilities in Office could allow remote code execution: April 14, 2015

View products that this article applies to.

Summary

This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less affected than those who operate with administrative user rights.

↑ Back to the top

Introduction

Microsoft has released security bulletin MS15-033. To learn more about this security bulletin:

Home users:
https://www.microsoft.com/security/pc-security/updates.aspx
Skip the details - Download the updates for your home computer or laptop from the Microsoft Update website now:
https://update.microsoft.com/microsoftupdate/
IT professionals:
https://technet.microsoft.com/library/security/MS15-033

How to obtain help and support for this security update

Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your Windows-based computer from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International support

↑ Back to the top

More Information

Known issues and additional information about this security update

The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed under each article link.

Security update deployment information

2007 Microsoft Office system (all editions) and other software

Reference table

The following table contains the security update information for this software.

Security update file name	For 2007 Microsoft Office Service Pack 3: vbe62007-kb2687409-fullfile-x86-glb.exe
	For 2007 Microsoft Word Service Pack 3: word2007-kb2965284-fullfile-x86-glb.exe
	For Microsoft Word Viewer: office-kb2965289-fullfile-enu.exe
	For Microsoft Office Compatibility Pack: wordconv2007-kb2965210-fullfile-x86-glb.exe
Installation switches	See Microsoft Knowledge Base Article 912203
Restart requirement	In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message is displayed that advises you to restart. To help reduce the possibility that a restart will be required, stop all affected services and close all applications that may use the affected files before you install the security update. For more information about the reasons why you may be prompted to restart, see Microsoft Knowledge Base Article 887012.
Removal information	Use Add or Remove Programs item in Control Panel.
File information	See the file information section
Registry key verification	Not applicable

Microsoft Office 2010 (all editions)

Reference table

The following table contains the security update information for this software.

Security update file name	For Microsoft Office 2010 Service Pack 2 (32-bit editions): kb24286772010-kb2965236-fullfile-x86-glb.exe vbe72010-kb2687419-fullfile-x86-glb.exe
	For Microsoft Office 2010 Service Pack 2 (64-bit editions) kb24286772010-kb2965236-fullfile-x64-glb.exe vbe72010-kb2687419-fullfile-x64-glb.exe
	For Microsoft Word 2010 Service Pack 2 (32-bit editions) wordloc2010-kb2553428-fullfile-x86-glb.exe
	For Microsoft Word 2010 Service Pack 2 (64-bit editions) wordloc2010-kb2553428-fullfile-x64-glb.exe
Installation switches	See Microsoft Knowledge Base Article 912203
Restart requirement	In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message is displayed that advises you to restart. To help reduce the possibility that a restart will be required, stop all affected services and close all applications that may use the affected files before you install the security update. For more information about the reasons why you may be prompted to restart, see Microsoft Knowledge Base Article 887012.
Removal information	Use Add or Remove Programs item in Control Panel.
File information	See the file information section
Registry key verification	Not applicable

Microsoft Office 2013 (all editions)

Reference table

The following table contains the security update information for this software.

Security update file name	For supported editions of Microsoft Office 2013 (32-bit editions) vbe72013-kb2752034-fullfile-x86-glb.exe
	For supported editions of Microsoft Office 2013 (64-bit editions) vbe72013-kb2752034-fullfile-x64-glb.exe
	For supported editions of Microsoft Word 2013 (32-bit editions) word2013-kb2965224-fullfile-x86-glb.exe
	For supported editions of Microsoft Word 2013 (64-bit editions) word2013-kb2965224-fullfile-x64-glb.exe
Installation switches	See Microsoft Knowledge Base Article 912203
Restart requirement	In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message is displayed that advises you to restart. To help reduce the possibility that a restart will be required, stop all affected services and close all applications that may use the affected files before you install the security update. For more information about the reasons why you may be prompted to restart, see Microsoft Knowledge Base Article 887012.
Removal information	Use Add or Remove Programs item in Control Panel.
File information	See the file information section
Registry key verification	Not applicable

Microsoft Office 2013 RT (all editions)

Deployment	The 2965224 update for Microsoft Word 2013 RT is available through Windows Update.
Restart requirement	In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message is displayed that advises you to restart. To help reduce the possibility that a restart will be required, stop all affected services and close all applications that may use the affected files before you install the security update. For more information about the reasons why you may be prompted to restart, see Microsoft Knowledge Base Article 887012.
Removal information	Click Control Panel, click System and Security, click Windows Update, and under See also, click Installed updates, and then select from the list of updates.
File information	See the file information section

Office for Mac 2011

Prerequisites

To install this update, you must have a computer that is running Mac OS X version 10.5.8 or a later version on an Intel processor, and user accounts must have administrative credentials.

Outlook for Mac for Office 365

Prerequisites

You must be running OS X Yosemite 10.10 or a later version.

Microsoft SharePoint Server 2010 (all editions)

Reference Table

The following table contains the security update information for this software.

Security update file name	For Word Automation Services on supported editions of Microsoft SharePoint Server 2010 Service Pack 2: wdsrvloc2010-kb2553164-fullfile-x64-glb.exe
Installation switches	See Microsoft Knowledge Base Article 912203
Restart requirement	In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message is displayed that advises you to restart. To help reduce the possibility that a restart will be required, stop all affected services and close all applications that may use the affected files before you install the security update. For more information about the reasons why you may be prompted to restart, see Microsoft Knowledge Base Article 887012.
Removal information	This security update cannot be removed.
File Information	See the file information section
Registry key verification	Not applicable

Microsoft SharePoint Server 2013 (all editions)

Reference Table

The following table contains the security update information for this software.

Security update file name	For Word Automation Services on supported editions of Microsoft SharePoint Server 2013: wdsrvloc2013-kb2965215-fullfile-x64-glb.exe
Installation switches	See Microsoft Knowledge Base Article 912203
Restart requirement	In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message is displayed that advises you to restart. To help reduce the possibility that a restart will be required, stop all affected services and close all applications that may use the affected files before you install the security update. For more information about the reasons why you may be prompted to restart, see Microsoft Knowledge Base Article 887012.
Removal information	This security update cannot be removed.
File Information	See the file information section
Registry key verification	Not applicable

Microsoft Office Web Apps 2010 (all versions)

Reference Table

The following table contains the security update information for this software.

Security update file name	For Microsoft Office Web Apps 2010 Service Pack 2: wacloc2010-kb2965238-fullfile-x64-glb.exe
Installation switches	See Microsoft Knowledge Base Article 912203
Restart requirement	In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message is displayed that advises you to restart. To help reduce the possibility that a restart will be required, stop all affected services and close all applications that may use the affected files before you install the security update. For more information about the reasons why you may be prompted to restart, see Microsoft Knowledge Base Article 887012.
Removal information	This security update cannot be removed.
File Information	See the file information section
Registry key verification	Not applicable

Microsoft Office Web Apps 2013 (all versions)

Reference Table

The following table contains the security update information for this software.

Security update file name	For all supported editions of Microsoft Office Web Apps Server 2013 Service Pack 1: wacserver2013-kb2965306-fullfile-x64-glb.exe
Installation switches	See Microsoft Knowledge Base Article 912203
Restart requirement	In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message is displayed that advises you to restart. To help reduce the possibility that a restart will be required, stop all affected services and close all applications that may use the affected files before you install the security update. For more information about the reasons why you may be prompted to restart, see Microsoft Knowledge Base Article 887012.
Removal information	This security update cannot be removed.
File Information	See the file information section
Registry key verification	Not applicable

↑ Back to the top

FILE INFORMATION

File hash information

File name	SHA1 hash	SHA256 hash
wdsrvloc2010-kb2553164-fullfile-x64-glb.exe	D88B4B2BBA7CFE5CD9FEC47A706F04EFEBD823EB	36E434C632954A54D37C565438068C4F70DB0C15745E27B3619046C50B3A1400
wordloc2010-kb2553428-fullfile-x64-glb.exe	F6C083208DA1CC7F7666DEA0A697010E4F394FB0	91A170562A2DDD99BB04D785394C371CD6AA7BBBD1BD2230925E7DE8AAE65E8F
wordloc2010-kb2553428-fullfile-x86-glb.exe	0A4C090B2EEEF84E4301BA661B010806920B085C	7FD32D4A972D79D95ABCF958BD126CB3D0F8310EB9CFED3AB905DAFEF2050BC3
wordconv2007-kb2965210-fullfile-x86-glb.exe	A14FFBE921A2EE7A1140856F3EC2ACF24D978EED	2149792B2E36C993A09B565D76D9E9BD7576D794944E6DD7B747823DC9F6321F
kb24286772010-kb2965236-fullfile-x64-glb.exe	A83D65B28ECB2E9D119E3DDB6A6D0F15D4E88998	BEC03DD26C161568E1572E800390315AC9743D6A92AD47D9BECA28FEA78C7521
kb24286772010-kb2965236-fullfile-x86-glb.exe	AD1BC734A336F1CEAD087AF0668825D6A8803CD6	E63F317BABFF4A38A3E3274FA722713B90C2AA6070F45EBB1745AC433C9A969F
wacloc2010-kb2965238-fullfile-x64-glb.exe	85E81850227DED768C0D37F60EE86CA897E432A7	F45B2BF3204E8D01F473F7538A7882AC85DFD6EA6E9035E928CD0F41BAE8DE38
word2007-kb2965284-fullfile-x86-glb.exe	46EE57875231E6FCB4C2580D9C319A861BBE2BC0	59DC2820774BD4194226E357427E75992069955CC98824AF21A2E0EA55C2FAA3
wdsrvloc2013-kb2965215-fullfile-x64-glb.exe	C4F844B13E0683AAE5207E4E020DE32AA26CA326	2A9BC8634AB32409F017F846064B283D34BD77C1A90992F3DBFDABA4F35C1A50
word2013-kb2965224-fullfile-x64-glb.exe	588330CEBFA29C177FC45ABABC0C054847790765	CE34D183A89292AED92FB0B0D1379762931D50040683DCD0F9599DB3B8E298E8
word2013-kb2965224-fullfile-x86-glb.exe	D2E17E3AA62413C3C40A21AD950A2641980CA33F	07AFB182AECFB5448625A5623F13C0ED77CDB3813877AFFE427B9E03EAC399B1
office-kb2965289-fullfile-enu.exe	9FE33D9661A610092CA29EC18EB823920D263ECB	DAD420F24DD53D128A1B00238C4562676A5D3D4A9075D1C1EBB30A1E80A2E930
wacserver2013-kb2965306-fullfile-x64-glb.exe	86CAC959E1285D436FEA409B645BCBF32E614007	9F6AB9837CDE628D112E0AEEB009DFCB969B6AD7E8653D371979480FDB0D587A

↑ Back to the top

Applies to:

↑ Back to the top

Keywords: kb

↑ Back to the top

Article Info

Article ID	:	3048019
Revision	:	1
Created on	:	1/7/2017
Published on	:	4/14/2015
Exists online	:	False
Views	:	164

Microsoft KB Archive Search

MS15-033: Vulnerabilities in Office could allow remote code execution: April 14, 2015

Summary

Introduction

How to obtain help and support for this security update

More Information

Known issues and additional information about this security update

2007 Microsoft Office system (all editions) and other software

Microsoft Office 2010 (all editions)

Microsoft Office 2013 (all editions)

Microsoft Office 2013 RT (all editions)

Office for Mac 2011

Outlook for Mac for Office 365

Microsoft SharePoint Server 2010 (all editions)

Microsoft SharePoint Server 2013 (all editions)

Microsoft Office Web Apps 2010 (all versions)

Microsoft Office Web Apps 2013 (all versions)

FILE INFORMATION

Applies to: