Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB2553204
HistoryApr 13, 2020 - 12:00 a.m.

Description of the security update for Office 2010: November 14, 2017

2020-04-1300:00:00
Microsoft
support.microsoft.com
88

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

0.974 High

EPSS

Percentile

99.9%

JSON

Description of the security update for Office 2010: November 14, 2017

Summary

This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2017-11882.

Note To apply this security update, you must have the release version of Service Pack 2 for Office 2010 installed on the computer.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer (.msi)-based edition of Office 2010. It doesn’t apply to the Office 2010 Click-to-Run editions, such as Microsoft Office 365 Home (see Determining your Office version).

How to get and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

More Information

Security update deployment information

For deployment information about this update, see security update deployment information: November 14, 2017.

Security update replacement information

This security update doesn’t replace any previously released update.

File hash information

Package Name Package Hash SHA 1 Package Hash SHA 2
eqnedt322010-kb2553204-fullfile-x64-en-us.exe F0856A37C414C8E5953BCF3C0D299C72053CD0CB D1443883888C39BA42FCECAC4EC8FA1A5EF819BC176A209DFEDB3C4967DEBA2E
eqnedt322010-kb2553204-fullfile-x64-zh-cn.exe 25E3FE752F887E845BB89059DADF647148F53C17 11ACB21F7B5A77401C9EE9C22ED51F0F20BDB089F3BE46A281DBE5FDC925B301
eqnedt322010-kb2553204-fullfile-x86-en-us.exe A45E3A34CC22713D9BB9EC196A44C05CD0A51F16 A50E99A89B32EC465860F5348F7469F09D24279C0BF6EFBCD7097E2BA51B0860
eqnedt322010-kb2553204-fullfile-x86-zh-cn.exe F8489D5D5C95844C643C7F7A2EB011AAFD1D1C8F 78EA399D1921E04102491D8E412747C5C49BA4F6ECFCD0327EB3176C76FA5644

File information

The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

For all supported x86-based versions of Office 2010

File name File version File size Date Time
eqnedt32.exe_1033 eqnedt32.exe 17081400 552,680 02-Nov-2017
eqnedt32.exe_2052 eqnedt32.exe 17081400 552,680 02-Nov-2017

For all supported x64-based versions of Office 2010

File name File version File size Date Time
eqnedt32.exe_1033 eqnedt32.exe 17081400 552,680 02-Nov-2017
eqnedt32.exe_2052 eqnedt32.exe 17081400 552,680 02-Nov-2017

How to get help and support for this security update

Help for installing updates: Windows Update FAQ

Security solutions for IT professionals: Security Support and Troubleshooting

Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure

Local support according to your country: International SupportPropose a feature or provide feedback on Office: Office User Voice portal

Related

threatpost 167
mskb 2
talosblog 3
securelist 8
carbonblack 2
malwarebytes 2
openvas 2
thn 7
cert 1
zdt 1
hivepro 1
mscve 1
cisa_kev 1
symantec 1
threatpost
threatpost
Osiris Banking Trojan Displays Modern Malware Innovation
2018-09-12 16:12:55
Microsoft Warns of Sneaky New Macro Trick
2016-05-21 09:00:53
Dennis Fisher and Mike Mimoso on VENOM, Marketing Bugs, and More
2015-05-15 11:34:18
mskb
mskb
Description of the security update for Office 2013: November 14, 2017
2017-11-14 08:00:00
Description of the security update for 2007 Microsoft Office Suite: November 14, 2017
2020-04-13 00:00:00
talosblog
talosblog
Loda RAT Grows Up
2020-02-12 12:08:44
RATs and stealers rush through “Heaven’s Gate” with new loader
2019-07-02 15:56:23
Malicious campaign uses a barrage of commodity RATs to target Afghanistan and India
2021-10-26 13:13:13
securelist
securelist
Spam and phishing in Q3 2020
2020-11-12 10:00:54
APT trends report Q2 2023
2023-07-27 10:00:22
Spam and phishing in Q2 2021
2021-08-05 10:00:45
carbonblack
carbonblack
Threat Analysis: Equation Equals Backdoor
2017-11-22 18:50:11
TAU Threat Intelligence Notification: NanoCore – Old Malware, New Tricks!
2019-03-20 19:14:15
malwarebytes
malwarebytes
Microsoft is now disabling Excel 4.0 macros by default
2022-01-25 11:39:20
Beware of malware offering “Warm greetings from Saudi Aramco”
2022-03-05 17:35:27
openvas
openvas
Microsoft Office 2007 Service Pack 3 Remote Code Execution Vulnerability (KB4011276)
2017-11-15 00:00:00
Microsoft Office 2016 Remote Code Execution Vulnerability (KB4011262)
2017-11-15 00:00:00
thn
thn
Hackers Exploit Recently Disclosed Microsoft Office Bug to Backdoor PCs
2017-11-28 23:05:00
Researchers Uncover Cyber Espionage Operation Aimed At Indian Army
2020-09-28 13:27:00
TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks
2024-04-16 13:39:00
cert
cert
Microsoft Office Equation Editor stack buffer overflow
2017-11-15 00:00:00
zdt
zdt
Microsoft Office Equation Editor Code Execution Exploit
2017-12-06 00:00:00
hivepro
hivepro
Russian threat actor UAC-0056 targets European countries
2022-03-18 08:27:31
mscve
mscve
Microsoft Office Memory Corruption Vulnerability
2017-11-14 08:00:00
cisa_kev
cisa_kev
Microsoft Office Memory Corruption Vulnerability
2021-11-03 00:00:00
symantec
symantec
Microsoft Office CVE-2017-11882 Memory Corruption Vulnerability
2017-11-14 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

0.974 High

EPSS

Percentile

99.9%

JSON
Related for KB2553204
threatpost167mskb2talosblog3securelist8carbonblack2malwarebytes2openvas2thn7cert1zdt1hivepro1mscve1cisa_kev1symantec1