MS15-022: Description of the security update for SharePoint Foundation 2010: March 10, 2015

Applies to: Microsoft SharePoint Foundation 2010


This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if an attacker convinces a user to open or preview a specially crafted Microsoft Word file in an affected version of Office.

Improvements and fixes

This security update also contains fixes for the following nonsecurity issues:
  • Repeated export and import by using the PRIME APIs can corrupt folder properties.
  • When you perform a query that contains more than 10 lists and one of the lists has more than 5,000 items with unique permissions, the Content Query web part returns no results.
  • Some UI issues occur in a SharePoint 2010 site when using Apple Safari 7.1.
  • Assume that you use a Groove managed API to add a Metro document, and then you edit and update the document. In this situation, new .zip file encoding occurs for the same data. Then, the signature check may fail. When this issue occurs, a SharePoint Workspace fetch request may stall in receive mode although it has received all the data for the fetch.
  • If you restore folders or files in a folder during the incremental content deployment, the deployment fails and you receive an error message that resembles the following:
    Violation of PRIMARY KEY constraint 'PK__#ExportO__unique hex number'. Cannot insert duplicate key in object 'dbo.#ExportObjects'. The duplicate key value is (GUID).


Microsoft has released security bulletin MS15-022. Learn more about how to obtain the fixes included in this security bulletin:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security support and troubleshooting

Help protect your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International support

More information about this security update

Note After you install this security update on all SharePoint servers and SharePoint services, you have to run the PSconfig tool to complete the installation.

Download information

This update is available for download from the Microsoft Download Center.

Prerequisites to apply this security update

To apply this update, you must have either Microsoft SharePoint Server 2010 Service Pack 1 (SP1) or Service Pack 2 (SP2) installed.

Restart information

You may have to restart the computer after you install this security update.

In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message is displayed that advises you to restart the computer.

To help reduce the possibility that a restart will be required, stop all affected services and close all applications that may use the affected files before you install this security update.

Learn about why you may be prompted to restart your computer after you install a security update on a Windows-based computer.

Removal information

This security update cannot be removed.

Security update replacement information

This security update replaces update 2889838.