Select the product you need help with
- Internet Explorer
- Windows Phone
- More products
MS10-031: Vulnerability in Microsoft Visual Basic for Applications could allow remote code execution
Article ID: 978213 - View products that this article applies to.
Microsoft has released security bulletin MS10-031. To view the complete security bulletin, visit one of the following Microsoft Web sites:
How to obtain help and support for this security updateHelp installing updates: Support for Microsoft Update
Security solutions for IT professionals: TechNet Security Troubleshooting and Support
Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center
Local support according to your country: International Support
Known issues and additional information about this security updateFor more information about this security update and for information about any known issues with specific releases of this software, click the following article numbers to view the articles in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/976380/ )MS10-031: Description of the security update for Office XP: May 11, 2010
(http://support.microsoft.com/kb/976382/ )MS10-031: Description of the security update for Office 2003: May 11, 2010
(http://support.microsoft.com/kb/976321/ )MS10-031: Description of the security update for the 2007 Office system: May 11, 2010
(http://support.microsoft.com/kb/974945/ )MS10-031: Description of the security update for Microsoft Visual Basic for Applications runtime: May 11, 2010
Frequently asked QuestionsQ: This security update applies only to Microsoft software. How can I determine whether third-party applications have deployed an affected version of the Visual Basic for Applications runtime (VBE6.DLL) on my system?
A: Third-party applications that support VBA could deploy VBE6.DLL in a location that is not updated by this security update. In the case that you do have a third-party application that installed its own copy of VBE6.DLL, to help ensure that your system has improved protection from the vulnerability described in this bulletin, you should contact the developer or vendor responsible for support for the third-party application directly.
To create a list of copies of the vbe6.dll file on the hard disk, at an elevated command prompt, type the following commands and press ENTER after each command:
cd \Note If there are multiple partitions on the system, you may need to run these commands for each partition.
dir /a /s vbe6.dll >>c:\vbe6list.txt
Security update replacement informationThis security update replaces the following security updates:
(http://support.microsoft.com/kb/921645/ )MS06-047: Vulnerability in Microsoft Visual Basic for Applications could allow remote code execution
(http://support.microsoft.com/kb/947108/ )MS08-013: Vulnerability in Microsoft Office could allow remote code execution
Article ID: 978213 - Last Review: May 8, 2012 - Revision: 5.0