United States

Change

All Microsoft Sites

Help and Support

MS07-013: Vulnerability in Microsoft RichEdit could allow remote code execution

View products that this article applies to.

Article ID	:	918118
Last Review	:	October 11, 2007
Revision	:	2.2

SUMMARY

Microsoft has released security bulletin MS07-013. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites:

•	Home users: http://www.microsoft.com/athome/security/update/bulletins/200702.mspx (http://www.microsoft.com/athome/security/update/bulletins/200702.mspx)
•	IT professionals: http://www.microsoft.com/technet/security/bulletin/ms07-013.mspx (http://www.microsoft.com/technet/security/bulletin/ms07-013.mspx)

Windows Server 2003

The version numbers of the following two binaries that are included in Microsoft Windows Server 2003 Service Pack 2 (SP2) are lower than the version numbers that are included in the MS07-013 Windows Server 2003 security update (KB918118):

•	RichEd20.dll
•	Msftedit.dll

In both of the following scenarios, Windows Server 2003 will be updated with the security update that is mentioned in the MS07-013 security update (KB918118):

•	Scenario 1 You install Windows Server 2003 SP2, and you had not previously installed the MS07-013 security update.
•	Scenario 2 You install Windows Server 2003 SP2 after you install the MS07-013 security update. Note In this scenario, the binaries that are installed as part of the MS07-013 security update will remain on the system after you install Windows Server 2003 SP2.

APPLIES TO

•

Microsoft Office 2000 Service Pack 3, when used with:

		Microsoft Access 2000 Standard Edition
		Microsoft Excel 2000 Standard Edition
		Microsoft FrontPage 2000 Standard Edition
		Microsoft Outlook 2000 Standard Edition
		Microsoft PowerPoint 2000 Standard Edition
		Microsoft Publisher 2000 Standard Edition
		Microsoft Word 2000 Standard Edition

•

Microsoft Office XP, All Editions Service Pack 3 (SP-3), when used with:

		Microsoft Access 2002 Standard Edition
		Microsoft Excel 2002 Standard Edition
		Microsoft FrontPage 2002 Standard Edition
		Microsoft Outlook 2002 Standard Edition
		Microsoft PowerPoint 2002 Standard Edition
		Microsoft Publisher 2002 Standard Edition
		Microsoft Word 2002 Standard Edition

•

Microsoft Office 2003 Service Pack 2, when used with:

		Microsoft Office Access 2003
		Microsoft Office Excel 2003
		Microsoft Office FrontPage 2003
		Microsoft Office InfoPath 2003
		Microsoft Office OneNote 2003
		Microsoft Office Outlook 2003
		Microsoft Office PowerPoint 2003
		Microsoft Office Publisher 2003
		Microsoft Office Word 2003
		Microsoft Office Word Viewer 2003

•

Microsoft Office Project 2003 Service Pack 2

•

Microsoft Office Visio 2003 Service Pack 2

•

Microsoft Office XP Service Pack 1, when used with:

Microsoft Project 2002 Standard Edition

•

Microsoft Visio 2002 Service Pack 2

•

Microsoft Project 2000 Service Pack 1

•

Microsoft Office 2004 for Mac Professional Edition

•

Microsoft Office 2004 for Mac Standard Edition

•

Microsoft Office 2004 for Mac Student and Teacher Edition

•

Microsoft Office X for Mac Standard Edition

•

Microsoft Windows 2000 Advanced Server

•

Microsoft Windows 2000 Datacenter Server

•

Microsoft Windows 2000 Service Pack 4

•

Microsoft Windows 2000 Professional Edition

•

Microsoft Windows Server 2003 R2 Standard Edition (32-bit x86)

•

Microsoft Windows Server 2003 R2 Enterprise Edition (32-Bit x86)

•

Microsoft Windows Server 2003 R2 Datacenter Edition (32-Bit x86)

•

Microsoft Windows Server 2003 R2 Standard x64 Edition

•

Microsoft Windows Server 2003 R2 Enterprise x64 Edition

•

Microsoft Windows Server 2003 R2 Datacenter x64 Edition

•

Microsoft Windows Server 2003, Standard x64 Edition

•

Microsoft Windows Server 2003, Enterprise x64 Edition

•

Microsoft Windows Server 2003, Datacenter x64 Edition

•

Microsoft Windows Server 2003 Service Pack 1, when used with:

		Microsoft Windows Server 2003, Standard Edition (32-bit x86)
		Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
		Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
		Microsoft Windows Server 2003, Web Edition
		Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
		Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems

•

Microsoft Windows XP Tablet PC Edition

•

Microsoft Windows XP Tablet PC Edition 2005

•

Microsoft Windows XP Media Center Edition 2005

		Microsoft Windows XP Professional
		Microsoft Windows XP Home Edition

•

Microsoft Windows XP Professional x64 Edition

Back to the top

kbbug kbfix kbsecvulnerability kbqfe kbsecurity kbsecbulletin kbpubtypekc kbwin2000presp5fix kbexpertiseinter kbexpertisebeginner KB918118

Article Translations

Related Support Centers

Other Support Options

Need More Help?
Contact a Support professional by Email, Online or Phone.
Customer Service
For non-technical assistance with product purchases, subscriptions, online services, events, training courses, corporate sales, piracy issues, and more.
Newsgroups
Pose a question to other users. Discussion groups and Forums about specific Microsoft products, technologies, and services.