Sign in with Microsoft
Sign in or create an account.
Hello,
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.

Summary

This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Security Bulletin MS16-004.

Note To apply this security update, you must have the release version of Service Pack 1 for Office 2013 installed on the computer.

For a complete list of affected versions of Microsoft Office software, see KB3124585.


How to obtain and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Get security updates automatically.

Note For Office 2013 RT Service Pack 1, this update is available from Microsoft Update only.

Method 2: Microsoft Download Center

You can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

Download Download the security update KB3039794 for 32-bit version of Office 2013

More Information

Known issues in this security update

  • After you install this security update, you have problems that affect your Access database if you use certain Windows common controls. Specifically, these problems occur if you use the controls that are associated with the MSCOMCTL.OCX file that's updated in the security update. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    3139567 Error messages or Access crashes after you install security update MS16-004

Security update deployment information

For deployment information about this update, see Microsoft Knowledge Base Article KB3124585.

Security update replacement information

This security update replaces previously released update KB2880502.

Package Name

Package Hash SHA 1

Package Hash SHA 2

mscomctlocx2013-kb3039794-fullfile-x86-glb.exe

A4C39CB7995B19E71D8ED09DF4DB5173BEC0CD44

676C133AB61D115B92B1AC359A8F4DE479EA118AAAE6A87D6B63C5565477FB80


The English version of this security update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

For all supported x86-based versions of Office 2013

File identifier

File name

File version

File size

Date

Time

mscomctl.ocx

mscomctl.ocx

6.01.9846

1070232

8-Dec-15

11:57


Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

Facebook LinkedIn Email
SUBSCRIBE RSS FEEDS

Need more help?

Want more options?

Discover Community

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Microsoft 365 subscription benefits

Microsoft 365 training

Microsoft security

Accessibility center

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Ask the Microsoft Community

Microsoft Tech Community

Windows Insiders

Microsoft 365 Insiders

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!

×