• Microsoft Word 2015 Download Free
• Service Pack Microsoft Word 2015 Updates Mac 15.13.1 Free
• Microsoft Word 2015 Torrent

Find Microsoft software downloads at CNET Download.com, the most comprehensive source for safe, trusted, and spyware-free downloads on the Web.

• Ranging from the compact, brilliantly affordable HP Stream to the powerful HP Omen gaming laptop, our selection of HP laptops covers the full breadth of PC market and includes something to suit every level of user. Whether you want a cheap, accessible machine that allows you to stay connected on the go or a state of the art laptop that gives.
• Download Microsoft Office per Mac 2011 Service Pack 1 (14.1.0) from Official Microsoft Download Center. Scopri cosa puoi fare ogni giorno con Office 365.

-->

Security Update for Microsoft Office to Address Remote Code Execution (3116111)

Published: December 8, 2015 | Updated: December 18, 2015

Version: 2.1

Microsoft Word 2015 Download Free

Executive Summary

This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

For more information, see the Affected Software and Vulnerability Severity Ratings section.

The security update addresses the vulnerabilities by correcting how Office handles objects in memory.

For more information about the vulnerabilities, see the Vulnerability Information section.

For more information about this update, see Microsoft Knowledge Base Article 3116111.

Affected Software and Vulnerability Severity Ratings

The following software versions or editions are affected. Versions or editions that are not listed are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, see Microsoft Support Lifecycle.

The following severity ratings assume the potential maximum impact of the vulnerability. For information regarding the likelihood, within 30 days of this security bulletin's release, of the exploitability of the vulnerability in relation to its severity rating and security impact, please see the Exploitability Index in the December bulletin summary.

Microsoft Office Software

**Vulnerability Severity Rating and Maximum Security Impact by Affected Software**
**Affected Software**	[**Microsoft Office Memory Corruption Vulnerability – CVE-2015-6040**](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6040)	[**Microsoft Office Memory Corruption Vulnerability – CVE-2015-6118**](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6118)	[**Microsoft Office Memory Corruption Vulnerability – CVE-2015-6122**](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6122)	[**Microsoft Office Memory Corruption Vulnerability – CVE-2015-6124**](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6124)	[**Microsoft Office RCE Vulnerability – CVE-2015-6172**](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6172)	[**Microsoft Office Memory Corruption Vulnerability – CVE-2015-6177**](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6177)	Updates Replaced*
**Microsoft Office 2007**
[Microsoft Office 2007 Service Pack 3](https://www.microsoft.com/download/details.aspx?familyid=6250e86e-b1c0-4b35-89ab-8fbeadc59044) (3085549)	Not applicable	**Important**Remote Code Execution	Not applicable	Not applicable	Not applicable	Not applicable	2837610 in [MS15-081](http://go.microsoft.com/fwlink/?linkid=619678)
[Microsoft Excel 2007 Service Pack 3](https://www.microsoft.com/download/details.aspx?familyid=c09396af-982d-44c7-b88c-ce6912785f5c) (3114422)	**Important**Remote Code Execution	Not applicable	**Important**Remote Code Execution	Not applicable	Not applicable	**Important**Remote Code Execution	3101554 in [MS15-116](http://go.microsoft.com/fwlink/?linkid=690594)
[Microsoft Word 2007 Service Pack 3](https://www.microsoft.com/download/details.aspx?familyid=7af55672-f703-4218-89ec-5469ecf8cbd9) (3114458)	Not applicable	Not applicable	Not applicable	**Important**Remote Code Execution	**Critical**Remote Code Execution	Not applicable	3085552 in [MS15-116](http://go.microsoft.com/fwlink/?linkid=690594)
**Microsoft Office 2010**
[Microsoft Office 2010 Service Pack 2 (32-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=ea9712b0-c6be-4112-bd15-08235e4a3448) (3085528)	Not applicable	**Important**Remote Code Execution	Not applicable	Not applicable	Not applicable	Not applicable	2598244 in [MS15-081](http://go.microsoft.com/fwlink/?linkid=619678)
[Microsoft Office 2010 Service Pack 2 (64-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=b251aefb-df5a-49cd-a37d-a69fee329958) (3085528)	Not applicable	**Important**Remote Code Execution	Not applicable	Not applicable	Not applicable	Not applicable	2598244 in [MS15-081](http://go.microsoft.com/fwlink/?linkid=619678)
[Microsoft Office 2010 Service Pack 2 (32-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=af40bcfa-bf60-4127-a1d6-c409d315bb6c) (3114403)	Not applicable	Not applicable	Not applicable	**Important**Remote Code Execution	**Critical**Remote Code Execution	Not applicable	3101529 in [MS15-116](http://go.microsoft.com/fwlink/?linkid=690594)
[Microsoft Office 2010 Service Pack 2 (64-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=26c7aaae-79db-46cc-8ca3-4ebccea90875) (3114403)	Not applicable	Not applicable	Not applicable	**Important**Remote Code Execution	**Critical**Remote Code Execution	Not applicable	3101529 in [MS15-116](http://go.microsoft.com/fwlink/?linkid=690594)
[Microsoft Excel 2010 Service Pack 2 (32-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=a4d0e58a-6985-4957-8474-e071485ce90c) (3114415)	**Important**Remote Code Execution	Not applicable	**Important**Remote Code Execution	Not applicable	Not applicable	Not applicable	3101543 in [MS15-116](http://go.microsoft.com/fwlink/?linkid=690594)
[Microsoft Excel 2010 Service Pack 2 (64-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=0dbd0d97-38ee-4ab2-a291-2b8dd52e552b) (3114415)	**Important**Remote Code Execution	Not applicable	**Important**Remote Code Execution	Not applicable	Not applicable	Not applicable	3101543 in [MS15-116](http://go.microsoft.com/fwlink/?linkid=690594)
[Microsoft Word 2010 Service Pack 2 (32-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=02bf75e3-5a58-486e-80d1-6fa848e4e1d7) (3101532)	Not applicable	Not applicable	Not applicable	**Important**Remote Code Execution	**Critical**Remote Code Execution	Not applicable	3055039 in [MS15-081](http://go.microsoft.com/fwlink/?linkid=619678)
[Microsoft Word 2010 Service Pack 2 (64-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=dd256035-800a-4b15-8e30-892eb9d582a8) (3101532)	Not applicable	Not applicable	Not applicable	**Important**Remote Code Execution	**Critical**Remote Code Execution	Not applicable	3055039 in [MS15-081](http://go.microsoft.com/fwlink/?linkid=619678)
**Microsoft Office 2013**
[Microsoft Word 2013 Service Pack 1 (32-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=c5575116-5eae-417f-83a4-eb0beee7ebfb) (3114342)	Not applicable	Not applicable	Not applicable	**Important**Remote Code Execution	**Critical**Remote Code Execution	Not applicable	3101370 in [MS15-116](http://go.microsoft.com/fwlink/?linkid=690594)
[Microsoft Word 2013 Service Pack 1 (64-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=c8a6f90e-f618-4eb4-88de-3853ab19041a) (3114342)	Not applicable	Not applicable	Not applicable	**Important**Remote Code Execution	**Critical**Remote Code Execution	Not applicable	3101370 in [MS15-116](http://go.microsoft.com/fwlink/?linkid=690594)
**Microsoft Office 2016**
[Microsoft Word 2016 (32-bit edition)](https://www.microsoft.com/download/details.aspx?familyid=7e6fc16d-7fc8-4e37-9ac5-7f9403c3b14b) (3114382)	Not applicable	Not applicable	Not applicable	Not applicable	**Critical**Remote Code Execution	Not applicable	3101513 in [MS15-116](http://go.microsoft.com/fwlink/?linkid=690594)
[Microsoft Word 2016 (64-bit edition)](https://www.microsoft.com/download/details.aspx?familyid=5cc7b90e-ead3-4d56-9734-4d65c7796117) (3114382)	Not applicable	Not applicable	Not applicable	Not applicable	**Critical**Remote Code Execution	Not applicable	3101513 in [MS15-116](http://go.microsoft.com/fwlink/?linkid=690594)
**Microsoft Office 2013 RT**
Microsoft Word 2013 RT Service Pack 1 (3114342)[1]	Not applicable	Not applicable	Not applicable	**Important**Remote Code Execution	**Critical**Remote Code Execution	Not applicable	3101370 in [MS15-116](http://go.microsoft.com/fwlink/?linkid=690594)
**Microsoft Office for Mac 2011**
[Microsoft Excel for Mac 2011](https://www.microsoft.com/download/details.aspx?familyid=5140c1d8-d862-433e-b6e9-19f02e55b9ee) (3119517)[2]	**Important**Remote Code Execution	Not applicable	**Important**Remote Code Execution	Not applicable	Not applicable	Not applicable	3102924 in [MS15-116](http://go.microsoft.com/fwlink/?linkid=690594)
**Microsoft Office 2016 for Mac**
[Microsoft Excel 2016 for Mac](http://go.microsoft.com/fwlink/?linkid=708419) (3119518)[2]	**Important**Remote Code Execution	Not applicable	Not applicable	Not applicable	Not applicable	Not applicable	3102925 in [MS15-116](http://go.microsoft.com/fwlink/?linkid=690594)
**Other Office Software**
[Microsoft Office Compatibility Pack Service Pack 3](https://www.microsoft.com/download/details.aspx?familyid=75cf11c8-201c-44ec-ae4a-ea5cd0041032) (3114457)	Not applicable	Not applicable	Not applicable	**Important**Remote Code Execution	**Critical**Remote Code Execution	Not applicable	3085551 in [MS15-116](http://go.microsoft.com/fwlink/?linkid=690594)
[Microsoft Office Compatibility Pack Service Pack 3](https://www.microsoft.com/download/details.aspx?familyid=028070ec-5b2c-4879-9804-0e671263dea5) (3114431)	**Important**Remote Code Execution	Not applicable	**Important**Remote Code Execution	Not applicable	Not applicable	**Important**Remote Code Execution	3101558 in [MS15-116](http://go.microsoft.com/fwlink/?linkid=690594)
[Microsoft Excel Viewer](https://www.microsoft.com/download/details.aspx?familyid=8c782afb-9369-4149-975b-6e22f62fa19c) (3114433)	**Important**Remote Code Execution	Not applicable	**Important**Remote Code Execution	Not applicable	Not applicable	**Important**Remote Code Execution	3101560 in [MS15-116](http://go.microsoft.com/fwlink/?linkid=690594)

^[1]This update is available via [Windows Update](http://go.microsoft.com/fwlink/?linkid=21130).

^[2]As of December 10, 2015, the 3119518 update is available for Microsoft Office 2016 for Mac, and the 3119517 update is available for Microsoft Office for Mac 2011. For more information, see Microsoft Knowledge Base Article 3119518 and Microsoft Knowledge Base Article 3119517.

*The Updates Replaced column shows only the latest update in a chain of superseded updates. For a comprehensive list of updates replaced, go to the Microsoft Update Catalog, search for the update KB number, and then view update details (updates replaced information is on the Package Details tab).

Update FAQ

Does this update contain any additional security-related changes to functionality?
Yes. In addition to the security updates that address the vulnerabilities described in this bulletin, Microsoft is releasing the following defense-in-depth updates for Microsoft Office 2007 Service Pack 3 and Microsoft Word Viewer:

Affected Software	Updates Replaced
Microsoft Office 2007 Service Pack 3 (3114425)	3101555 in MS15-116
Microsoft Word Viewer (3114479)	3101564 in MS15-116

**I have Microsoft Word 2010 installed. Why am I not being offered the 3114403 update?** The 3114403 update only applies to systems running specific configurations of Microsoft Office 2010. Some configurations will not be offered the update. **I am being offered this update for software that is not specifically indicated as being affected in the Affected Software and Vulnerability Severity Ratings table. Why am I being offered this update?** When updates address vulnerable code that exists in a component that is shared between multiple Microsoft Office products or shared between multiple versions of the same Microsoft Office product, the update is considered to be applicable to all supported products and versions that contain the vulnerable component. For example, when an update applies to Microsoft Office 2007 products, only Microsoft Office 2007 may be specifically listed in the Affected Software table. However, the update could apply to Microsoft Word 2007, Microsoft Excel 2007, Microsoft Visio 2007, Microsoft Compatibility Pack, Microsoft Excel Viewer, or any other Microsoft Office 2007 product that is not specifically listed in the Affected Software table. For example, when an update applies to Microsoft Office 2010 products, only Microsoft Office 2010 may be specifically listed in the Affected Software table. However, the update could apply to Microsoft Word 2010, Microsoft Excel 2010, Microsoft Visio 2010, Microsoft Visio Viewer, or any other Microsoft Office 2010 product that is not specifically listed in the Affected Software table. For example, when an update applies to Microsoft Office 2013 products, only Microsoft Office 2013 may be specifically listed in the Affected Software table. However, the update could apply to Microsoft Word 2013, Microsoft Excel 2013, Microsoft Visio 2013, or any other Microsoft Office 2013 product that is not specifically listed in the Affected Software table. Vulnerability Information ------------------------- Multiple Microsoft Office Memory Corruption Vulnerabilities ----------------------------------------------------------- Multiple remote code execution vulnerabilities exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Exploitation of these vulnerabilities requires that a user open a specially crafted file with an affected version of Microsoft Office software. In an email attack scenario an attacker could exploit the vulnerabilities by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerabilities. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince them to open the specially crafted file. The security update addresses the vulnerabilities by correcting how Office handles objects in memory. The following tables contain links to the standard entry for each vulnerability in the Common Vulnerabilities and Exposures list:

Vulnerability title	CVE number	Publicly disclosed	Exploited
Microsoft Office Memory Corruption Vulnerability	CVE-2015-6040	No	No
Microsoft Office Memory Corruption Vulnerability	CVE-2015-6118	No	No
Microsoft Office Memory Corruption Vulnerability	CVE-2015-6122	No	No
Microsoft Office Memory Corruption Vulnerability	CVE-2015-6124	Yes	No
Microsoft Office Memory Corruption Vulnerability	CVE-2015-6177	No	No

Microsoft Office RCE Vulnerability – CVE-2015-6172 -------------------------------------------------- A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user and take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. To exploit the vulnerability, the user must open or preview a specially crafted email message with an affected version of Microsoft Outlook. In an email attack scenario, an attacker could exploit the vulnerability by sending a specially crafted email message to the user and then convincing the user to preview or open the email. Workstations and terminal servers on which Microsoft Outlook is install are at risk of this vulnerability. Servers could be more at risk if administrators allow users to log on to them to run programs. However, best practices strongly discourage allowing this. The update addresses the vulnerability by correcting how Microsoft Outlook parses specially crafted malicious email messages. Microsoft received information about this vulnerability through coordinated vulnerability disclosure. At the time this security bulletin was originally issued, Microsoft was unaware of any attack attempting to exploit this vulnerability. ### Mitigating Factors Microsoft has not identified any [mitigating factors](https://technet.microsoft.com/library/security/dn848375.aspx) for this vulnerability. ### Workarounds The following [workarounds](https://technet.microsoft.com/library/security/dn848375.aspx) may be helpful in your situation: - **Disable previewing messages in Outlook**

• On the View menu, point to MessagePreview, click Off and then confirm that all mailboxes are disabled.

How to undo the workaround.

• On the View menu, point to MessagePreview, and then click On.
  

• Disable reading Outlook email messages in HTML

  1. Click the File tab.

  2. Click Options.

  3. Click TrustCenter, and then click Trust Center Settings.

  4. Click EmailSecurity.

     Under Read as Plain Text, select the Read all standard mail in plain text checkbox.
     How to undo the workaround.

  5. Click the File tab.

  6. Click Options.

  7. Click TrustCenter, and then click Trust Center Settings.

  8. Click EmailSecurity.

  9. Under Read as Plain Text, select Read all standard mail in plain text.

• Disable Flash ActiveX control with Office kill bit

  1. Click Start, click Run, in the Open box, type Regedit, and then click OK.

  2. Navigate to the following registry location:

  3. Create a new key with the name “{D27CDB6E-AE6D-11cf-96B8-444553540000}”.

  4. Under the new key, add the new DWORD entry “Compatibility Flags”.

  5. Set the DWORD value to “0x00000400”.

  How to undo the workaround.

  1. Click Start, click Run, in the Open box type Regedit, and then click OK.

  2. Navigate to the following registry location:

  3. Set the DWORD value of “Compatibility Flags” to “0x00000000”.

FAQ

What is the scope of the vulnerability?
This is a remote code execution vulnerability.

What causes the vulnerability?
The vulnerability is caused by Microsoft Outlook missing a check when parsing email messages of a specific format.

What might an attacker use the vulnerability to do?
An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

How could an attacker exploit the vulnerability?
In an email attack scenario, an attacker could exploit the vulnerability by sending a specially crafted email message to the user and then convincing the user to preview or open the email. Exploitation of this vulnerability requires that a user open or preview a specially crafted email message with an affected version of Microsoft Outlook

What systems are primarily at risk from the vulnerability?
Systems such as workstations and terminal servers where Microsoft Outlook is used are at risk. Servers could be at more risk if administrators allow users to log on to servers and to run programs. However, best practices strongly discourage allowing this.

What does the update do?
The vulnerability is fixed in Microsoft Outlook by adding a check when parsing email messages of a specific format.

Security Update Deployment

For Security Update Deployment information, see the Microsoft Knowledge Base article referenced in the Executive Summary.

Acknowledgments

Microsoft recognizes the efforts of those in the security community who help us protect customers through coordinated vulnerability disclosure. See Acknowledgments for more information.

Disclaimer

The information provided in the Microsoft Knowledge Base is provided 'as is' without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Revisions

• V1.0 (December 8, 2015): Bulletin published.
• V1.1 (December 9, 2015): Bulletin revised to correct the Publicly disclosed and Exploited status of CVE-2015-6124. This is an informational change only. Customers who have successfully installed the update do not need to take any further action.
• V2.0 (December 10, 2015): Bulletin revised to announce that the 3119518 update is available for Microsoft Office 2016 for Mac, and the 3119517 update is available for Microsoft Office for Mac 2011. For more information, see Microsoft Knowledge Base Article 3119518 and Microsoft Knowledge Base Article 3119517.
• V2.1 (December 18, 2015): Bulletin revised to correct the Updates Replaced for 3101532 and 3114342, and to add a workaround for CVE-2015-6172. This is an informational change only. Customers who have successfully installed the updates do not need to take any further action.

Page generated 2015-12-18 14:28-08:00.

-->

Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3089664)

Published: September 8, 2015 | Updated: November 10, 2015

Version: 5.0

Executive Summary

This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

This security update is rated Critical for all supported editions of the following software:

• Microsoft Office 2007
• Microsoft Office 2010
• Microsoft Office 2013
• Microsoft Office 2013 RT
• Microsoft Office 2016

This security update is rated Important for all supported editions of the following software:

• Microsoft Excel for Mac 2011
• Microsoft Excel 2016 for Mac
• Microsoft SharePoint Foundation 2013, Microsoft SharePoint Server 2013

For more information, see the Affected Software section.

The security update addresses the vulnerabilities by correcting how Microsoft Office handles files in memory and by modifying how SharePoint validates web requests. For more information about the vulnerabilities, see the Vulnerability Information section.

For more information about this update, see Microsoft Knowledge Base Article 3089664.

Affected Software and Vulnerability Severity Ratings

The following software versions or editions are affected. Versions or editions that are not listed are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, see Microsoft Support Lifecycle.

The following severity ratings assume the potential maximum impact of the vulnerability. For information regarding the likelihood, within 30 days of this security bulletin's release, of the exploitability of the vulnerability in relation to its severity rating and security impact, please see the Exploitability Index in the September bulletin summary.

Microsoft Office Software

**Vulnerability Severity Rating and Maximum Security Impact by Affected Software**
**Affected Software**	[**Microsoft Office Memory Corruption Vulnerability – CVE-2015-2520**](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2520)	[**Microsoft Office Memory Corruption Vulnerability – CVE-2015-2521**](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2521)	[**Microsoft Office Memory Corruption Vulnerability – CVE-2015-2523**](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2523)	[**Microsoft Office Malformed EPS File Vulnerability - CVE-2015-2545**](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2545)	**Updates Replaced***
**Microsoft Office 2007**
[Microsoft Office 2007 Service Pack 3](https://www.microsoft.com/download/details.aspx?familyid=623ede4f-e62b-4178-8825-7e3dd2938306) (3085620)	Not applicable	Not applicable	Not applicable	**Critical** Remote Code Execution	3054987 - previously released in this bulletin
[Microsoft Excel 2007 Service Pack 3](https://www.microsoft.com/download/details.aspx?familyid=a344212a-5b9a-48ea-adbe-7c69b3f41c17) (3085543)	**Important**Remote Code Execution	**Important** Remote Code Execution	**Important** Remote Code Execution	Not applicable	3054992 in [MS15-081](http://go.microsoft.com/fwlink/?linkid=619678)
**Microsoft Office 2010**
[Microsoft Office 2010 Service Pack 2 (32-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=1bfd696b-823a-422b-ba83-4b85c078f5c4) (3085560)	Not applicable	Not applicable	Not applicable	**Critical** Remote Code Execution	3054965 - previously released in this bulletin
[Microsoft Office 2010 Service Pack 2 (64-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=df76f068-836d-47ff-9f39-21bbddd489c9) (3085560)	Not applicable	Not applicable	Not applicable	**Critical** Remote Code Execution	3054965 - previously released in this bulletin
[Microsoft Excel 2010 Service Pack 2 (32-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=8bd752dc-7e3f-454d-bbf6-da3fe7381dda) (3085526)	**Important**Remote Code Execution	**Important**Remote Code Execution	**Important** Remote Code Execution	Not applicable	3055044 in [MS15-081](http://go.microsoft.com/fwlink/?linkid=619678)
[Microsoft Excel 2010 Service Pack 2 (64-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=02c69ada-7fde-4792-80af-0f501b08bb4b) (3085526)	**Important**Remote Code Execution	**Important**Remote Code Execution	**Important** Remote Code Execution	Not applicable	3055044 in [MS15-081](http://go.microsoft.com/fwlink/?linkid=619678)
**Microsoft Office 2013**
[Microsoft Office 2013 Service Pack 1 (32-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=47c8a837-f2aa-4bb3-99dc-1f00369dd1c4) (3085572)	Not applicable	Not applicable	Not applicable	**Critical** Remote Code Execution	3054932 - previously released in this bulletin
[Microsoft Office 2013 Service Pack 1 (64-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=aef64279-5e73-4d45-8edb-f7429f8037aa) (3085572)	Not applicable	Not applicable	Not applicable	**Critical** Remote Code Execution	3054932 - previously released in this bulletin
[Microsoft Excel 2013 Service Pack 1 (32-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=c6cea9ca-67a4-402c-86de-b589e7e9dfc8) (3085502)	Not applicable	Not applicable	**Important** Remote Code Execution	Not applicable	3054991 in [MS15-081](http://go.microsoft.com/fwlink/?linkid=619678)
[Microsoft Excel 2013 Service Pack 1 (64-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=c3814f31-7267-447a-85fc-9c82f31c811a) (3085502)	Not applicable	Not applicable	**Important** Remote Code Execution	Not applicable	3054991 in [MS15-081](http://go.microsoft.com/fwlink/?linkid=619678)
**Microsoft Office 2013 RT**
Microsoft Office 2013 RT Service Pack 1 (32-bit editions) (3085572)[1]	Not applicable	Not applicable	Not applicable	**Critical** Remote Code Execution	3054932 - previously released in this bulletin
Microsoft Excel 2013 RT Service Pack 1 (3085502)[1]	Not applicable	Not applicable	**Important** Remote Code Execution	Not applicable	3054991 in [MS15-081](http://go.microsoft.com/fwlink/?linkid=619678)
**Microsoft Office 2016**
[Microsoft Office 2016 (32-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=df27d41d-e7b9-481a-9e9f-3b2e4942ca02) (3085635)	Not applicable	Not applicable	Not applicable	**Critical** Remote Code Execution	2910993 - previously released in this bulletin
[Microsoft Office 2016 (64-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=03f914ae-a0a8-4b02-a284-0c7c2991cca5) (3085635)	Not applicable	Not applicable	Not applicable	**Critical** Remote Code Execution	2910993 - previously released in this bulletin
[Microsoft Excel 2016 (32-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=24839f54-4ece-45bb-811d-c4cd0ffb3e61) (2920693)	Not applicable	Not applicable	**Important** Remote Code Execution	Not applicable	None
[Microsoft Excel 2016 (64-bit editions)](https://www.microsoft.com/download/details.aspx?familyid=4971215d-487f-4fd2-863e-969126e9f8d1) (2920693)	Not applicable	Not applicable	**Important** Remote Code Execution	Not applicable	None
**Microsoft Office for Mac 2011**
[Microsoft Excel for Mac 2011](https://www.microsoft.com/download/details.aspx?familyid=b461d2ba-314c-4cb7-95b0-2f43635615ea) (3088501)	**Important** Remote Code Execution	Not applicable	**Important** Remote Code Execution	Not applicable	3081349 in [MS15-081](http://go.microsoft.com/fwlink/?linkid=619678)
**Microsoft Office 2016 for Mac**
[Microsoft Excel 2016 for Mac](http://go.microsoft.com/fwlink/?linkid=620832) (3088502)[2]	**Important** Remote Code Execution	Not applicable	**Important** Remote Code Execution	Not applicable	3082420 in [MS15-081](http://go.microsoft.com/fwlink/?linkid=619678)
**Other Office Software**
[Microsoft Office Compatibility Pack Service Pack 3](https://www.microsoft.com/download/details.aspx?familyid=8a2f4143-130e-40b0-8fc8-45f3581f1fa4) (3054993)	**Important** Remote Code Execution	**Important** Remote Code Execution	**Important** Remote Code Execution	Not applicable	2965208 in [MS15-070](http://go.microsoft.com/fwlink/?linkid=617382)
[Microsoft Excel Viewer](https://www.microsoft.com/download/details.aspx?familyid=fa7db717-8c0a-4bd0-bde2-bf0e880681d8) (3054995)	**Important** Remote Code Execution	**Important**Remote Code Execution	**Important** Remote Code Execution	Not applicable	2965209 in [MS15-070](http://go.microsoft.com/fwlink/?linkid=617382)

^[1]This update is available via [Windows Update](http://go.microsoft.com/fwlink/?linkid=21130).

^[2]As of September 15, 2015, the 3088502 update is available for Microsoft Office 2016 for Mac. For more information see Microsoft Knowledge Base Article 3088502.

Microsoft Server Software

**Vulnerability Severity Rating and Maximum Security Impact by Affected Software**
**Affected Software **	[**Microsoft SharePoint XSS Spoofing Vulnerability – CVE-2015-2522**](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2522)	**Updates Replaced***
**Microsoft SharePoint Foundation 2013**
[Microsoft SharePoint Foundation 2013 Service Pack 1](https://www.microsoft.com/downloads/details.aspx?familyid=068f031a-453f-4aa8-9a12-6f1b8697ec09) (3085501)	**Important**Spoofing	3054792 in [MS15-047](http://go.microsoft.com/fwlink/?linkid=534002)

Update FAQ

Does this update contain any additional security-related changes to functionality?
Yes. In addition to the security updates that address the vulnerabilities described in this bulletin, Microsoft is releasing the following defense-in-depth updates for Microsoft SharePoint Server 2013 and Microsoft Office Web Apps Server 2013:

Affected Software	Updates Replaced
Microsoft SharePoint Server 2013 Service Pack 1 (3054813)	2956180 in MS15-022
Microsoft SharePoint Server 2013 Service Pack 1 (3085483)	3054861 in MS15-070
Microsoft Office Web Apps Server 2013 Service Pack 1 (3085487)	3055003 in MS15-081

**There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Affected Software table for the software?** Yes. Customers should apply all updates offered for the software installed on their systems. **I am being offered this update for software that is not specifically listed in the Affected Software table. Why am I being offered this update?** When updates address vulnerable code that exists in a component that is shared between multiple Microsoft Office products or shared between multiple versions of the same Microsoft Office product, the update is considered to be applicable to all supported products and versions that contain the vulnerable component. For example, when an update applies to Microsoft Office 2007 products, only Microsoft Office 2007 may be specifically listed in the Affected Software table. However, the update could apply to Microsoft Word 2007, Microsoft Excel 2007, Microsoft Visio 2007, Microsoft Compatibility Pack, Microsoft Excel Viewer, or any other Microsoft Office 2007 product that is not specifically listed in the Affected Software table. For example, when an update applies to Microsoft Office 2010 products, only Microsoft Office 2010 may be specifically listed in the Affected Software table. However, the update could apply to Microsoft Word 2010, Microsoft Excel 2010, Microsoft Visio 2010, Microsoft Visio Viewer, or any other Microsoft Office 2010 product that is not specifically listed in the Affected Software table. For example, when an update applies to Microsoft Office 2013 products, only Microsoft Office 2013 may be specifically listed in the Affected Software table. However, the update could apply to Microsoft Word 2013, Microsoft Excel 2013, Microsoft Visio 2013, or any other Microsoft Office 2013 product that is not specifically listed in the Affected Software table. Vulnerability Information ------------------------- Multiple Microsoft Office Memory Corruption Vulnerabilities ----------------------------------------------------------- Remote code execution vulnerabilities exist in Microsoft Office software when the Office software fails to properly handle objects in memory. Exploitation of these vulnerabilities requires that a user open a specially crafted file with an affected version of Microsoft Office software. In an email attack scenario an attacker could exploit the vulnerabilities by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerabilities. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or Instant Messenger message. An attacker who successfully exploited these vulnerabilities could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The security update addresses the vulnerabilities by correcting how Microsoft Office handles files in memory. The following tables contain links to the standard entry for each vulnerability in the Common Vulnerabilities and Exposures list:

Vulnerability title	CVE number	Publicly Disclosed	Exploited
Microsoft Office Memory Corruption Vulnerability	CVE-2015-2520	No	No
Microsoft Office Memory Corruption Vulnerability	CVE-2015-2521	No	No
Microsoft Office Memory Corruption Vulnerability	CVE-2015-2523	No	No

### Mitigating Factors Microsoft has not identified any [mitigating factors](https://technet.microsoft.com/library/security/dn848375.aspx) for these vulnerabilities. ### Workarounds Microsoft has not identified any [workarounds](https://technet.microsoft.com/library/security/dn848375.aspx) for these vulnerabilities. Microsoft SharePoint XSS Spoofing Vulnerability – CVE-2015-2522 --------------------------------------------------------------- A cross-site scripting (XSS) vulnerability, which could result in spoofing, exists when SharePoint fails to properly sanitize user-supplied web requests. An attacker who successfully exploited this vulnerability could perform persistent cross-site scripting attacks and run script (in the security context of the logged-on user) with malicious content that appears authentic. This could allow the attacker to steal sensitive information, including authentication cookies and recently submitted data. To exploit this vulnerability, an attacker must have the ability to submit a specially crafted content to a target site. Because of the vulnerability, in specific situations specially crafted script is not properly sanitized, which subsequently could lead to an attacker-supplied script to be run in the security context of a user who views the malicious content. For cross-site scripting attacks, this vulnerability requires that a user be visiting a compromised site for any malicious action to occur. For instance, after an attacker has successfully submitted a specially crafted web request to a target site, any webpage on that site that contains the specially crafted content is a potential vector for cross-site scripting attacks. When a user visits a webpage that contains the specially crafted content, the script could be run in the security context of the user. The security update addresses the vulnerability by modifying how SharePoint validates web requests. Microsoft received information about the vulnerabilities through coordinated vulnerability disclosure. When this security bulletin was issued, Microsoft had not received any information to indicate that these vulnerabilities had been publicly used to attack customers. ### Mitigating Factors Microsoft has not identified any [mitigating factors](https://technet.microsoft.com/library/security/dn848375.aspx) for these vulnerabilities. ### Workarounds Microsoft has not identified any [workarounds](https://technet.microsoft.com/library/security/dn848375.aspx) for these vulnerabilities. Microsoft Office Malformed EPS File Vulnerability - CVE-2015-2545 ----------------------------------------------------------------- A remote code execution vulnerability exists in Microsoft Office that could be exploited when a user opens a file containing a malformed graphics image or when a user inserts a malformed graphics image into an Office file. Such a file could also be included in an email attachment. An attacker could exploit the vulnerability by constructing a specially crafted EPS file that could allow remote code execution. An attacker who successfully exploited this vulnerability could take control of the affected system. This vulnerability could not be exploited automatically through a Web-based attack scenario. An attacker could host a specially crafted website containing an Office file that is designed to exploit the vulnerability, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an instant messenger or email message that takes users to the attacker's website, or by getting them to open an attachment sent through email. If Microsoft Word is the selected email reader, which is the default setting, then an attacker could leverage Outlook for an email-based attack by sending a specially crafted file, containing an EPS image binary, to the targeted user. In this scenario this attack vector requires minimal user action (as in viewing a specially crafted email through the preview pane in Outlook) to be exploited. Workstations and terminal servers that have Microsoft Office installed are primarily at risk. Servers could be at more risk if administrators allow users to log on to servers and to run programs. However, best practices strongly discourage allowing this. Microsoft received information about the vulnerability through coordinated vulnerability disclosure. When this security bulletin was issued, Microsoft had received reports of limited targeted attacks using this vulnerability. ### Mitigations The following [mitigating factors](https://technet.microsoft.com/library/security/dn848375.aspx) may be helpful in your situation: - This vulnerability could not be exploited automatically through a Web-based attack scenario. An attacker would have to host a website that contains an Office file containing a specially crafted EPS image that is used to attempt to exploit this vulnerability. An attacker would have no way to force users to visit a malicious website. Instead, an attacker would have to convince them to visit the website, typically by getting them to click a link that takes them to the attacker's site, and then convince the user to open the file in an affected Microsoft Office application. - The vulnerability could be exploited by an attacker who convinced a user to open a specially crafted file. There is no way for an attacker to force a user to open a specially crafted file. ### Workarounds The following [workarounds](https://technet.microsoft.com/library/security/dn848375.aspx) may be helpful in your situation: - **Modify the Access Control List to deny access to EPSIMP32.FLT for ALL USERS** There are two ways to implement this workaround. You can manually apply the workaround by using either the Registry Method or the Script Method to deny access to EPSIMP32.FLT for ALL USERS. Alternatively, see [Microsoft Knowledge Base Article 3092845](https://support.microsoft.com/kb/3092845) to use the automated Microsoft Fix it solutions. | Note: | |--------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | See [Microsoft Knowledge Base Article 3092845](https://support.microsoft.com/kb/3092845)to use automated Microsoft Fix it Solution 51037 to deny access to EPSIMP32.FLT. | **Registry Method** **Warning** If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk. 1. Click **Start**, click **Run**, type **regedit.exe**, and then click **OK**. 2. Navigate to **HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsGraphics FiltersImportEPS** 3. Take note of the value of **Path**. In explorer, navigate to the **EPSIMP32.FLT** file at the location listed as the value of **Path**. 4. Right click on **EPSIMP32.FLT** file and select **Properties**. 5. On the **Security** tab, click **Advanced**. 6. Clear the **Allow inheritable permissions from the parent to propagate to this object**… checkbox and click **Remove**. 7. Click **OK**, **Yes**, and then **OK.** **Script Method** **For all supported 32-bit editions of OS** Run the following commands from a command prompt as an administrator: ``` takeown /f '%ProgramFiles%Common FilesMicrosoft SharedGRPHFLTEPSIMP32.FLT' icacls '%ProgramFiles%Common FilesMicrosoft SharedGRPHFLTEPSIMP32.FLT' /save %TEMP% EPSIMP32 _ACL.TXT icacls '%ProgramFiles%Common FilesMicrosoft SharedGRPHFLTEPSIMP32.FLT' /deny everyone:(F) ```

For all supported x64-based editions of OS
Run the following commands from a command prompt as an administrator:
takeown /f '%ProgramFiles(x86)%Common FilesMicrosoft SharedGRPHFLTEPSIMP32.FLT' icacls '%ProgramFiles(x86)%Common FilesMicrosoft SharedGRPHFLTEPSIMP32.FLT' /save %TEMP% EPSIMP32 _ACL.TXT icacls '%ProgramFiles(x86)%Common FilesMicrosoft SharedGRPHFLTEPSIMP32.FLT' /deny everyone:(F)

Impact of workaround: This workaround prevents EPS files from loading in Office, which may prevent certain images from displaying properly in Office. This setting must be reverted before installing future security updates.

How to undo the workaround

You can undo the workaround by running the commands from a command prompt as shown here. Alternatively, see Microsoft Knowledge Base Article 3092845 to use the automated Microsoft Fix to undo the workaround.

Note:
See Microsoft Knowledge Base Article 3092845to use automated Microsoft Fix it Solution 51038 to undo the workaround.

For all supported 32-bit editions of OS
Run the following command from a command prompt as an administrator:

For all supported x64-based editions of OS
Run the following command from a command prompt as an administrator:

Security Update Deployment

For Security Update Deployment information, see the Microsoft Knowledge Base article referenced in the Executive Summary.

Service Pack Microsoft Word 2015 Updates Mac 15.13.1 Free

Acknowledgments

Microsoft recognizes the efforts of those in the security community who help us protect customers through coordinated vulnerability disclosure. See Acknowledgments for more information.

Disclaimer

The information provided in the Microsoft Knowledge Base is provided 'as is' without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Revisions

Microsoft Word 2015 Torrent

• V1.0 (September 8, 2015): Bulletin published.
• V2.0 (September 15, 2015): Bulletin revised to announce that the 3088502 update for Microsoft Office 2016 for Mac is available. For more information see Microsoft Knowledge Base Article 3088502.
• V3.0 (September 30, 2015): Revised bulletin to announce the availability of an update package for Microsoft Office 2016. Customers running Microsoft Office 2016 should apply the 2910993 update to be protected from the vulnerabilities discussed in this bulletin. The majority of customers have automatic updating enabled and will not need to take any action because the update will be downloaded and installed automatically.
• V4.0 (October 13, 2015): Revised bulletin to announce the availability of an update package for Microsoft Excel 2016. Customers running Microsoft Excel 2016 should apply update 2920693 to be protected from the vulnerabilities discussed in this bulletin. The majority of customers have automatic updating enabled and will not need to take any action because the update will be downloaded and installed automatically.
• V5.0: (November 10, 2015): To comprehensively address CVE-2015-2545, Microsoft re-released security updates for all affected Microsoft Office software. Microsoft recommends that customers running affected editions of Microsoft Office software should install the security updates released with this bulletin revision to be fully protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See Microsoft Knowledge Base Article 3089664 for more information.

Page generated 2015-11-11 10:53-08:00.