Symptoms
After you install security update that is described in Microsoft Security Bulletin MS14-082, you may experience one of the following symptoms:
Symptom 1
When you insert a Forms ActiveX control (forms3) into a Microsoft Office document, or when you edit the properties of a control, you may receive an error message that resembles one of the following in an ActiveX custom Office solution:
Visio cannot insert this control because its TypeInfo did not merge correctly. Ensure all parameter types are VBA friendly. Delete TEMP *.exd file if necessary.
Object library invalid or contains references to object definitions that could not be found.
Cannot insert object.
The program used to create this object is Forms. That program is either not installed on your computer or it is not responding. To edit this object, install Forms or ensure that any dialog boxes in Forms are closed.
Note In this last error message, the Forms text may be replaced by the GUID of the control.
Symptom 2
When you use Office Click-to-Run to install Office 2013 on a computer that has a Side-by-Side installation of the 2007 Office suite or Office 2010, you may experience the same errors that are mentioned in the "Symptom 1" section.
Symptom 3
After you save a Microsoft Excel workbook that includes ActiveX control (forms3) on a computer that has MS14-082 installed, the Excel macro may not work on computers that do not have MS14-082 installed.
Resolution
To resolve all the issues that are described in the "Symptoms" section, install the following updates to affected computers for all versions of Office that you have installed.
Note You should install all the updates for all the versions of Office that you have installed to obtain the full result of the fix. If you use a side-by-side combination of Office 2013 C2R-installed and Office MSI-installed products, you have to update all products at the same time. For more information, see the "Important information about the change" section.Office 2013 (Click-to-Run installations)
Office 2013 Click-to-Run (C2R) clients should automatically receive updates that include this fix. Verify that you are running version 15.0.4701.1002 or a later version to make sure that the fix will be installed. See the "More Information" section for information about how to determine whether you are using the C2R version of Office 2013 and what the currently installed version is. If you are not running version 15.0.4701.1002 or a later version, you can force an online manual repair of Office 2013 to make sure that you obtain the most recent updates. how to repair Office. Learn more about Office Click-to-Run.
Learn aboutOffice 2013 (MSI installations)
2920754 March 10, 2015, update for Office 20132956145 March 10, 2015, update for Excel 2013 2956163 MS15-022: Description of the security update for Word 2013: March 10, 2015 2965206 March 10, 2015, update for PowerPoint 20132956176 March 10, 2015, update for Access 2013 2956155 March 10, 2015, update for Visio 2013
Office 2010
2920813 March 10, 2015, update for Office 2010 2956142 MS15-022: Description of the security update for Microsoft Excel 2010: March 10, 20152956139 MS15-022: Description of the security update for Word 2010: March 10, 20152920812 MS15-022: Description of the security update for PowerPoint 2010: March 10, 20152837601 March 10, 2015, update for Access 20102878283 March 10, 2015, update for Visio 2010
The 2007 Office system
2984939 MS15-022: Description of the security update for the 2007 Microsoft Office suite: March 10, 2015 2920794 March 10, 2015, update for the 2007 Office system2956103 MS15-022: Description of the security update for Microsoft Excel 2007 Service Pack 3: March 10, 2015 2956109 MS15-022: Description of the security update for Word 2007 SP3: March 10, 20152899580 MS15-022: Description of the security update for PowerPoint 2007 Service Pack 3: March 10, 20152817561 March 10, 2015, update for Visio 2007
More Information
Important information about the change
The Microsoft Forms Control package (FM20.dll) is a shared component that is used between applications in side-by-side installations of Office. Make sure that the fix is applied to all side-by-side-installed versions of Office to make sure that all versions are updated correctly to work together with the changes to the controls. For minimal disruption, these updates should be applied together. Be aware earlier versions of Office (that is, versions that are earlier than the 2007 Office system) will not be updated to work with the updated Forms (FM20) shared component. This means that an installation of this update on a computer that has a pre-2007 Office system version installed side by side with a later version may prevent the earlier version from functioning correctly with the standard Forms controls. This is a known limitation and can be resolved only by updating older versions to one of the supported versions that are mentioned in the "Resolution" section.
After this update is installed, you will be unable to use forms controls from Internet Explorer or HTA web projects. Microsoft has never officially supported these controls for such use, and we strongly encourage anyone who used them to find replacement controls or rework the project to use HTML5 without the need for ActiveX controls. Removing the security (killbit) keys for any forms control is unsupported and is strongly discouraged. It is our intention that these controls never be used from webpage solutions. Third-party products that use forms controls from native code should not be affected unless those products have explicit code to follow Internet Explorer security checks (killbit settings) or use Internet Explorer for webpage viewing together with controls in those webpages. Those applications have to make their own code changes to handle exception cases for those uses. Software developers can contact Microsoft for support help on such issues.How to determine whether Office 2013 is MSI or Click-to-Run
To determine whether the installation of Office 2013 on your system is MSI based or Click-to-Run based, follow these steps:
-
Start an Office 2013 application, such as Microsoft Word 2013.
-
On the File menu, click Account.
-
For Office 2013 Click-to-Run-based installations, an Update Options item is displayed. For MSI-based installations, the Update Options item is not displayed.
Office 2013 Click-to-Run installation |
MSI-based Office 2013 |
---|---|
Handling outdated extenders
The updates that are included in the "Resolution" section will make sure that the cache extender file for the Microsoft Forms Control package (MSForms.exd) is removed and updated as needed for each user who loads any of these controls. However, if you suspect a problem with an incorrect extender, you may want to manually remove the extenders to verify that you have a clean copy after an application restart.
To manually remove cached control extender objects, follow these steps:-
In Windows Explorer, open the %TEMP% folder, and then search for "*.exd" in all subfolders.
-
Delete all instances in which that file is found. This includes all subfolders.
Note The .exd files will be re-created automatically when you use the new controls the next time that you use VBA. These extender files will be under the user's profile and may also be in other locations, such as the following folders:
-
%appdata%\microsoft\forms
-
%temp%\excel8.0
-
%temp%\word8.0
-
%temp%\PPT11.0
-
%temp%\vbe
Here's an easy fix
Note Before you run either of the following easy fix solutions, make sure that the affected applications are closed.
To automatically remove cached control extender files, run either of the following easy fix solutions: The following easy fix solution will delete the .exd files for the currently logged-on user:The following easy fix solution must be run by an administrator and will delete the .exd files for all user accounts on the computer: