Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB2553432
HistorySep 13, 2016 - 7:00 a.m.

MS16-107: Description of the security update for Office 2010: September 13, 2016

2016-09-1307:00:00
Microsoft
support.microsoft.com
18

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.209 Low

EPSS

Percentile

96.4%

JSON

MS16-107: Description of the security update for Office 2010: September 13, 2016

Summary

This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Security Bulletin MS16-107.

Note To apply this security update, you must have the release version of Service Pack 2 for Office 2010 installed on the computer.

For a complete list of affected versions of Microsoft Office software, see Microsoft Knowledge Base article 3185852.

How to get and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Turn on automatic updating in Control Panel.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

More Information

Security update deployment information

For deployment information about this update, see Microsoft Knowledge Base article 3185852.

Security update replacement information

This security update doesn’t replace any previously released update.

File hash information

Package Name Package Hash SHA 1 Package Hash SHA 2
offowc2010-kb2553432-fullfile-x64-glb.exe 4A0640077BF4D7E2704E41019ED7273603095E7F 2E60100F3116986C3E93B10F618CB08838FA64E60A86B24DB0134336B103D7E5
offowc2010-kb2553432-fullfile-x86-glb.exe 6CD58D15279B6131799160E03CEC0227B1308A0D E94A6B3767306ACFA469C4DCC070959C2F9167375F0CC5B58FAA361BB54F5E65

__

File information

The English version of this security update has the file attributes (or later file attributes) that are listed in the following table.

For all supported x86-based versions of Office 2010File identifier File name File version File size Date Time
offowc.dll offowc.dll 14.0.7173.5000 7,290,128 16-Aug-2016 12:06
For all supported x64-based versions of Office 2010File identifier File name File version File size Date Time
offowc.dll offowc.dll 14.0.7173.5000 9,847,048 16-Aug-2016 11:50

__

How to get help and support for this security update

Help for installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware:
Virus Solution and Security Center

Local support according to your country: International Support

Related

mskb 14
mscve 1
checkpoint_advisories 1
prion 1
nvd 1
zdt 1
symantec 1
cvelist 1
openvas 5
cve 1
nessus 2
kaspersky 1
mskb
mskb
Security update 2016-09-13
2016-09-13 07:00:00
MS16-107: Description of the security update for Word Automation Services on SharePoint Server 2013: September 13, 2016
2016-09-13 07:00:00
MS16-107: Description of the security update for Word Automation Services on SharePoint Server 2010: September 13, 2016
2016-09-13 07:00:00
mscve
mscve
Microsoft Office Memory Corruption Vulnerability
2016-09-13 07:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Office Memory Corruption (MS16-107: CVE-2016-3357)
2016-09-13 00:00:00
prion
prion
Memory corruption
2016-09-14 10:59:00
nvd
nvd
CVE-2016-3357
2016-09-14 10:59:30
zdt
zdt
Microsoft Office PowerPoint 2010 - Invalid Pointer Reference
2016-09-21 00:00:00
symantec
symantec
Microsoft Office CVE-2016-3357 Memory Corruption Vulnerability
2016-09-13 00:00:00
cvelist
cvelist
CVE-2016-3357
2016-09-14 10:00:00
openvas
openvas
Microsoft SharePoint Server WAS Remote Code Execution Vulnerability (3115466)
2016-09-14 00:00:00
Microsoft Office Web Apps Multiple Vulnerabilities (3185852)
2016-09-14 00:00:00
Microsoft Office Multiple Remote Code Execution Vulnerabilities (3185852) - Mac OS X
2016-09-14 00:00:00
cve
cve
CVE-2016-3357
2016-09-14 10:59:30
nessus
nessus
MS16-107: Security Update for Microsoft Office (3185852) (Mac OS X)
2016-09-15 00:00:00
MS16-107: Security Update for Microsoft Office (3185852)
2016-09-14 00:00:00
kaspersky
kaspersky
KLA10874 Multiple vulnerabilities in Microsoft Office
2016-09-13 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.209 Low

EPSS

Percentile

96.4%

JSON
Related for KB2553432
mskb14mscve1checkpoint_advisories1prion1nvd1zdt1symantec1cvelist1openvas5cve1nessus2kaspersky1