MS15-022: Description of the security update for SharePoint Server 2010 Office Web Apps Service Pack 2: March 10, 2015

Applies to: SharePoint Server 2010Excel Web AppLync Web App More

Introduction


This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if an attacker convinces a user to open or preview a specially crafted Office file in an affected version of Office. 

Improvements and fixes

This update also contains a fix for the following nonsecurity issues:
  • Assume that you use Groove managed API to add a Metro document and then edit and update the document. In this situation, a new compressed (.zip) file encoding occurs for the same data. Then, signature check may fail. When this issue occurs, SPW fetch request may stall in receive mode although it has received all data for a fetch.
  • After you apply a November 11, 2014, update for Microsoft Office 2010, Document Inspector will be processed incorrectly. When this issue occurs, Document Inspector modules will not be displayed in the Document Inspector dialog box and in backstage localized versions of Office 2010.

Summary


Microsoft has released security bulletin MS15-022. Learn more about how to obtain the fixes included in this security bulletin:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security support and troubleshooting

Help protect your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International support

More information about this security update

Download information

This update is available for download from the Microsoft Download Center.

Prerequisites to apply this security update

To apply this security update, you must have Service Pack 2 for Office Web Apps 2010 installed on the computer.

Restart information

You may have to restart the computer after you install this security update.

In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message is displayed that advises you to restart the computer.

To help reduce the possibility that a restart will be required, stop all affected services and close all applications that may use the affected files before you install this security update.

Learn about why you may be prompted to restart your computer after you install a security update on a Windows-based computer.

Removal information

This security update cannot be removed.

Security update replacement information

This security update does not replace a previously released update.