Microsoft Office remote code execution: May 9, 2017

Summary

A remote code execution vulnerability exists when Microsoft Office improperly validates input before loading dynamic link library (DLL) files. An attacker who successfully exploited this vulnerability could take control of an affected system. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

To learn more about the vulnerability, see CVE-2017-0260.

More Information

Important

  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

Deployment information

For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:

Security update deployment information: May 9, 2017

More Information


File information
The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.

Windows Server 2008 file information

 

Note: The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.

How to obtain help and support for this security update

Help for installing updates: Windows Update: FAQ

Security solutions for IT professionals: TechNet Security Support and Troubleshooting

Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure

Local support according to your country: International Support

File Information

File hash information

File name

SHA1 hash

SHA256 hash

Windows6.0-KB4018106-ia64.msu

E15D9F47D3C39572BBBDC62AEDED2521EE4A7501

0C906DBABE02773179B0A5FBBD2879F68467A6FC06837DFE41E2068CB2B55E3F

Windows6.0-KB4018106-x86.msu

6B74E9BCF693D6FE8457DB2ACD3262BBC78C7C90

E651BDE5DAD59783D88B44143F4EBD29B40CE9E8059ECDCBC641B69599302B6F

Windows6.0-KB4018106-x64.msu

BAD209EDC6E4CA1DE63E2AB461033F9630D32EB4

93853DF9A1AD79995BE4A0D7534DE4462576C996ABB231395232F68E0A5C542A

For all supported ia64-based versions

File name

File version

File size

Date

Time

Platform

Rundll32.exe

6.0.6002.19770

65,024

10-Apr-2017

21:47

IA-64

Rundll32.exe

6.0.6002.24089

65,024

07-Apr-2017

14:35

IA-64

Rundll32.exe

6.0.6002.19770

44,544

10-Apr-2017

21:40

x86

Rundll32.exe

6.0.6002.24089

44,544

07-Apr-2017

14:31

x86

For all supported x86-based versions

File name

File version

File size

Date

Time

Platform

Rundll32.exe

6.0.6002.19770

44,544

10-Apr-2017

21:40

x86

Rundll32.exe

6.0.6002.24089

44,544

07-Apr-2017

14:31

x86

For all supported x64-based versions

File name

File version

File size

Date

Time

Platform

Rundll32.exe

6.0.6002.19770

47,104

10-Apr-2017

22:03

x64

Rundll32.exe

6.0.6002.24089

47,104

07-Apr-2017

14:54

x64

Rundll32.exe

6.0.6002.19770

44,544

10-Apr-2017

21:40

x86

Rundll32.exe

6.0.6002.24089

44,544

07-Apr-2017

14:31

x86

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

What affected your experience?

Any additional feedback? (Optional)

Thank you for your feedback!

×