CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
80.8%
This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Security Bulletin MS17-014.
Note To apply this security update, you must have the release version of Service Pack 2 for Microsoft SharePoint Server 2010 installed on the computer.
For a complete list of affected versions of Microsoft Office software, see Microsoft Knowledge Base article 4013241.
This security update contains improvements and fixes for the following nonsecurity issues:
You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.
For deployment information about this update, see Microsoft Knowledge Base article 4013241.
This security update replaces previously released security update 3128029.
Package Name | Package Hash SHA 1 | Package Hash SHA 2 |
---|---|---|
xlsrv2010-kb3178685-fullfile-x64-glb.exe | DB78F19C1D3669047B258FC987F9561CE29F02B4 | BF4AB2ACCE7AD058706521332B0D49B4E6980BA5148D2A61A9C19CB09BBC98FB |
The English version of this security update has the file attributes (or later file attributes) that are listed in the following table.
For all supported x64-based versions of Excel Services on SharePoint Server 2010| File identifier| File name| File version| File size| Date| Time
—|—|—|—|—|—
cuixas.js| cuixas.js| | 263,367| 12-Feb-2014| 04:16
dynamicgridcontent.asmx| dynamicgridcontent.asmx|dynamicgridcontent.json| | 313| 12-Feb-2008| 01:44
ewabrowsercompat.js| ewabrowsercompat.js| | 6,565| 06-Nov-2009| 12:47
ewachart.png| | | 91,313| 30-Mar-2011| 12:15
ewacmdui.xml| ewacmdui.xml| | 116,740| 30-Mar-2011| 04:13
ewainternalwebservice.asmx| ewainternalwebservice.asmx|ewainternalwebservice.json| | 322| 12-Feb-2008| 01:44
ewamenu.js| ewamenu.js| | 41,074| 13-Aug-2015| 03:48
ewamoss.js| ewamoss.js| | 786,371| 10-Jan-2013| 12:36
ewanewwpctrl.ascx| excelwebrenderernewwebpartcontrol.ascx| | 2,202| 15-Jun-2009| 02:07
ewaparameterstaskpane.ascx| ewaparameterstaskpane.ascx| | 1,511| 28-Sep-2009| 10:29
ewareadmodetoolbar.ascx| ewareadmodetoolbar.ascx| | 3,963| 30-Mar-2011| 04:13
ewastringshandler.ashx| ewastringshandler.ashx| | 317| 22-Nov-2012| 09:59
ewrdynamicimageprovider.aspx| dynamicimageprovider.aspx| | 433| 02-Jun-2009| 12:56
ewrdynamicslicerprovider.aspx| dynamicslicerprovider.aspx| | 529| 02-Jun-2009| 12:56
ewrtreeview.js| ewrtreeview.js| | 19,012| 15-Jun-2009| 02:08
ewrxlfilehandler.aspx| xlfilehandler.aspx| | 421| 02-Jun-2009| 12:56
ewrxlviewer.aspx| xlviewer.aspx| | 9,316| 30-Mar-2011| 04:17
ewrxlviewerinternal.aspx| xlviewerinternal.aspx| | 13,540| 30-Mar-2011| 04:17
excelrest.aspx| excelrest.aspx| | 923| 20-Mar-2009| 03:02
excelservercreateapplication.aspx| excelservercreateapplication.aspx| | 5,364| 04-Sep-2009| 06:03
excelserversafedataprovider.aspx| excelserversafedataprovider.aspx| | 6,188| 20-Sep-2008| 09:29
excelserversafedataproviders.aspx| excelserversafedataproviders.aspx| | 5,219| 20-Sep-2008| 09:29
excelserversettings.aspx| excelserversettings.aspx| | 10,724| 22-Apr-2009| 12:42
excelservertrusteddcl.aspx| excelservertrusteddcl.aspx| | 5,753| 20-Jan-2009| 04:23
excelservertrusteddcls.aspx| excelservertrusteddcls.aspx| | 5,196| 20-Sep-2008| 09:30
excelservertrustedlocation.aspx| excelservertrustedlocation.aspx| | 11,928| 04-Sep-2009| 06:03
excelservertrustedlocations.aspx| excelservertrustedlocations.aspx| | 5,213| 20-Sep-2008| 09:30
excelserveruserdefinedfunction.aspx| excelserveruserdefinedfunction.aspx| | 6,048| 20-Jan-2009| 04:24
excelserveruserdefinedfunctions.aspx| excelserveruserdefinedfunctions.aspx| | 5,229| 20-Sep-2008| 09:30
excelservicedisco.aspx| excelservicedisco.aspx| | 1,401| 22-Feb-2008| 12:53
excelservicesadmin.aspx| excelservicesadmin.aspx| | 5,861| 20-Jan-2009| 04:24
excelservicewsdl.aspx| excelservicewsdl.aspx| | 58,456| 15-Jun-2009| 02:06
excelwebrenderer.ascx| excelwebrenderer.ascx| | 4,877| 30-Mar-2011| 04:13
inputformexcelserversetting.ascx| inputformexcelserversetting.ascx| | 2,777| 22-Feb-2008| 12:42
mewadynamicimageprovider.aspx| dynamicimageprovider.aspx| | 433| 02-Jun-2009| 12:56
microsoft.office.excel.webui.internal.dll| microsoft.office.excel.webui.internal.dll| 14.0.7006.1000| 641,640| 22-Nov-2012| 10:18
microsoft.office.excel.webui.mobile.dll| microsoft.office.excel.webui.mobile.dll| 14.0.7160.5000| 114,760| 16-Sep-2015| 01:15
slicerrenderer.ascx| slicerrenderercontrol.ascx| | 7,687| 06-Nov-2009| 12:44
xlsrv.dll| xlsrv.dll| 14.0.7179.5000| 14,664,936| 17-Feb-2017| 01:41
xlsrvintl.dll.1033| xlsrvintl.dll| 14.0.7179.5000| 115,456| 16-Feb-2017| 12:11
Help for installing updates: Windows Update FAQ
Security solutions for IT professionals: TechNet Security Support and Troubleshooting
Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure
Local support according to your country: International Support
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
80.8%