MS10-031: Vulnerability in Microsoft Visual Basic for Applications could allow remote code execution

Article translations Article translations
Article ID: 978213 - View products that this article applies to.
Expand all | Collapse all

On This Page

INTRODUCTION

Microsoft has released security bulletin MS10-031. To view the complete security bulletin, visit one of the following Microsoft Web sites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

MORE INFORMATION

Known issues and additional information about this security update

For more information about this security update and for information about any known issues with specific releases of this software, click the following article numbers to view the articles in the Microsoft Knowledge Base:
976380 MS10-031: Description of the security update for Office XP: May 11, 2010
976382 MS10-031: Description of the security update for Office 2003: May 11, 2010
976321 MS10-031: Description of the security update for the 2007 Office system: May 11, 2010
974945 MS10-031: Description of the security update for Microsoft Visual Basic for Applications runtime: May 11, 2010

Frequently asked Questions

Q: This security update applies only to Microsoft software. How can I determine whether third-party applications have deployed an affected version of the Visual Basic for Applications runtime (VBE6.DLL) on my system?

A: Third-party applications that support VBA could deploy VBE6.DLL in a location that is not updated by this security update. In the case that you do have a third-party application that installed its own copy of VBE6.DLL, to help ensure that your system has improved protection from the vulnerability described in this bulletin, you should contact the developer or vendor responsible for support for the third-party application directly.

To create a list of copies of the vbe6.dll file on the hard disk, at an elevated command prompt, type the following commands and press ENTER after each command:
cd \
dir /a /s vbe6.dll >>c:\vbe6list.txt
Note If there are multiple partitions on the system, you may need to run these commands for each partition.

Security update replacement information

This security update replaces the following security updates:
921645 MS06-047: Vulnerability in Microsoft Visual Basic for Applications could allow remote code execution
947108 MS08-013: Vulnerability in Microsoft Office could allow remote code execution

Properties

Article ID: 978213 - Last Review: May 8, 2012 - Revision: 5.0
APPLIES TO
  • Microsoft Visual Basic for Applications 6.0
  • Microsoft Office Basic 2007
  • Microsoft Office Enterprise 2007
  • Microsoft Office Home and Student 2007
  • Microsoft Office Professional 2007
  • Microsoft Office Professional Plus 2007
  • Microsoft Office Small Business 2007
  • Microsoft Office Standard 2007
  • Microsoft Office Ultimate 2007
  • Microsoft Office Basic Edition 2003
  • Microsoft Office Professional Edition 2003
  • Microsoft Office Professional Enterprise Edition 2003
  • Microsoft Office Standard Edition 2003
  • Microsoft Office Student and Teacher Edition 2003
  • Microsoft Office XP Professional Edition
  • Microsoft Office XP Small Business Edition
  • Microsoft Office XP Standard Edition
  • Microsoft Office XP Standard Edition for Students and Teachers
Keywords: 
kbsurveynew kbsecvulnerability kbsecurity kbsecbulletin kbfix kbexpertiseinter kbbug atdownload KB978213

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com