MS15-116: Security update for Microsoft Office to address remote code execution: November 10, 2015

Summary

This security update resolves a vulnerability in Microsoft Office. To learn more about the vulnerability, see Microsoft Security Bulletin MS15-116.

Note After you apply this security update, you may see a popup window that states that a website wants to open web content in protected mode in Internet Explorer. See Updates to change the way that Internet Explorer interacts with features in Microsoft Office applications for more information.

More information about this security update

The following articles contain more information about this security update as it relates to individual product versions. The articles may contain known issue information.

Non-security-related fixes and improvements that are included in this security update

  • Updates the Word Add-ins API of setSelectedDataAsync by introducing a new coercion type for image. With this new image type, setSelectedDataAsync can insert a picture at the selected location. The image should be provided as a base64-encoded string.
  • Improves the new Word API feature by adding more properties and methods to some objects.
  • Improves the robustness of copying and pasting slide masters and slide layouts in PowerPoint 2016.
  • Improves the robustness for the coauthoring feature in PowerPoint 2016.
  • Adds two new add-in APIs under CustomXmlNode: getTextAsync and setTextAsync. These two new APIs also provide a way add a text value to a built-in CustomXmlNode object when the node has no text value yet.
  • Improves PowerPoint 2013 robustness when you select monitor preferences for slide show view.
  • PowerPoint 2013 saves document links after you do the Update Links operation.
  • Adds the insert picture API to Office Add-ins for Word 2013, Excel 2013, and PowerPoint 2013.
  • Enables failover to multiple proxies during HTTP requests if there's a proxy failure.
  • Improves the translation for authentication messages in Outlook 2013.
  • This update also contains fixes for the following nonsecurity issues:
    • When you save a .doc document as the .docx format or edit and save a .docx document and then close and reopen this document in Word 2016, a hidden table is visible in the document unexpectedly if the hidden table content was formatted by a table style.
    • When you use an IME to type characters in a document in Word 2016 that has Overtype mode enabled, and if the text service is disabled by Microsoft Office IME 2016, undetermined characters aren't displayed.
    • When you edit a document that uses mirror indents in Word 2016, text jumps around somewhat randomly. In this case, if there's a wrapped shape or picture, some text may not be displayed or printed as expected.
    • If the first comment bubble is marked as done in Word 2016, Word 2016 may crash when you select a comment bubble. 
    • If subpixel positioning isn't used in Word 2016, cursor positioning can be incorrect, and text may jump unexpectedly. Various system and Word options may switch off subpixel positioning in Word 2016. This includes some ClearType and remote desktop options.
    • When you edit a line in Word 2016, you may see an incorrect line break. (For example, the line break can be in the middle of a word or before a space.)
    • When you try to save a large document that has hyperlinks in Word 2016, the Save As dialog box appears. However, you can't save the file. In addition, you keep looping back to the Save As dialog box until you cancel the save operation. This issue occurs after a word is auto-corrected by the AutoCorrect feature.
    • When you open a .docm document that has an ActiveX control deleted (for example, by using the OpenXML manipulation) in Word 2016, you receive an error message that resembles the following:
      Can't exit design mode because Control "<control name>" can not be created.
      It's because the state of the ActiveX control still remains in Visual Basic for Applications.
    • When you run a macro that uses the TransformDocument method to convert a document into a different XML format in Word 2016, Word 2016 crashes if there's a text box in the header or footer of the document.
    • When you paste text in a new email message window in Outlook 2013, the text isn't displayed fully. This issue occurs if the lines of the text are greater than the height of the window.
    • Assume that you're using a screen reader when you're editing your email signature in the Signatures and Stationery dialog box in Outlook 2013 and that your email signature has multiple paragraphs. In this situation, the screen reader reads only the first paragraph of the signature.
    • A real-time collaboration session in Word 2016 may lose data after you delete personal information from Document Inspector.
    • When you edit text that has advanced font features or uses complex scripts in Word 2016, Word 2016 may crash.
    • When you use Visio 2016 to save a .vdx file that contains SolutionXML elements that are created in Visio 2010, the SolutionXML elements are lost.
    • When you try to save a large .vsd file in Visio 2016, Visio 2016 crashes, and the file isn't saved.
    • When you open a .vsdx file in Visio 2016, renamed rows in the Shape Data section are deleted for all master instances.
    • When you try to create an organization chart by using a Microsoft SQL server driver, you receive the following error message in the organization chart wizard:
      Invalid data. Your data file is empty.
    • When you copy and paste slides from one presentation to another in PowerPoint 2016, the hyperlinks of shapes in the slides aren't updated.
    • When you turn a slide show to the presenter view and then enter some text in a slide in the normal view in PowerPoint 2016, the text is added slowly in the presenter view but not in the normal view. After all the text is entered, it will appear immediately in the normal view.
    • After you exit PowerPoint 2016, temporary versions of files that are opened from UNC shared folders aren't maintained.
    • You can't use the Shapes.PasteSpecialmethod to paste a shape as a ppPasteShape type in PowerPoint 2016.
    • When you open a document that contains a chart of one of the new chart types (a treemap, sunburst, histogram, box and whisker, Pareto, or waterfall chart) in Office 2016 applications, an image of the chart is displayed in PowerPoint 2016 and Word 2016. In Excel 2016, a bounding box that has a message is displayed instead of the chart.

      Note See An image of a chart or a bounding box that has a message is displayed instead of the chart in Office 2016 applications for more information.
    • When you paste content from Word 2016 or Outlook 2016 by using the Keep Text Only or Keep Source Formatting paste option in OneNote 2016, the pasted content is blank.
    • When you record a video in OneNote 2016 on a Microsoft Surface Pro 3, the preview window is blank.
    • When you print to OneNote 2016 by using the Send To OneNote 2016 printer, the printout is displayed as a red X in other versions of OneNote.
    • Some commands on the mini-toolbar appear black.
    • Assume that you use the Share pane in Office 2016 applications. When you open or close some files in an Office 2016 application, the application may crash.

    • Changes some key-tips to match tooltips and avoid conflicts with other key-tips on ribbon for the Tell Me feature for multiple languages.




    • Prevents intermittent crashes for Office 2016 applications when you open a file from the cloud.
    • Some issues occur that are related to the import and transformation features in the Get & Transform section of the Data tab in Excel 2016. See article 3108701 for more information.
    • An image of a chart or a bounding box that has a message is displayed instead of the chart in Office 2016 applications.
    • Assume that other Office 2016 applications are set to the Dark Gray theme. When you click OK on the Options panel in Access 2016, the theme setting is changed to a colorful theme unexpectedly because Access doesn't support Dark Gray. Therefore, the rest of Office is switched to a colorful theme.
    • Office applications that are running in safe mode run in the White theme. Under certain circumstances, such as attaching or removing a display, an Office 2016 application that is started in safe mode could become visually inconsistent with difficult-to-read text until the application is restarted. Parts of the application would temporarily switch to a colorful theme.
    • Some commands on the mini-toolbar appear black.
    • If the zoom slider level is changed for the first time in Excel 2016, the change isn't propagated to the canvas.
    • After you use an Office 2016 application for a long time, the application UI doesn't isn't updated and becomes unusable. This issue occurs because of a GDI leak that ends up hitting the 10,000 GDI object limit per process that is imposed by Windows. 

      Note This issue is observable by adding the GDI Objects columns in Task Manager.

    • Changes some key-tips to match tooltips and avoid conflicts with other key-tips on ribbon for the Tell Me feature for multiple languages.




    • Improves the visual appearance of the Format Text Effects dialog box in the Dark Gray and Colorful theme.
    • Improves the readability of the Signatures task pane in the Dark Gray theme.
    • Charts can't be inserted in other Office applications such as Microsoft Word or Microsoft PowerPoint if an add-in from a network location is loaded in Excel 2016.
    • If a workbook contains embedded charts of other applications, Excel 2016 may crash.
    • When you rename a worksheet in Excel 2016 in high contrast mode, you can't see the name until the renaming process is complete.
    • An image of a chart or a bounding box that has a message is displayed instead of the chart in Office 2016 applications.
    • Adds the insert picture API to Office Add-ins for Microsoft Word 2016, Microsoft Excel 2016, and Microsoft PowerPoint 2016 applications.

    • VBA library names (Microsoft Office 15.0 Access database engine Object Library and Microsoft Access 15.0 Object Library) aren't updated to reflect Access 2016. This update changes the version number for the Access object library.

    • After you copy, paste, or import forms and reports in Access 2016, the color property settings of existing themes are changed.
    • A new Serbian locale (sr-latn-rs) is added to replace the existing locale (sr-latn-cs). This change adds handling for Access 2016 to work with the Microsoft SharePoint list in this locale.
    • After you set the OverrideDisableAllActiveX Group Policy setting, you can't run the trusted WebBrowser ActiveX control or import wizard in Access 2010 even though you set the DisableAllActiveX Group Policy setting. Additionally, you receive the following error message in the import wizard:
      There is no object in this control.


      Note The DisableAllActiveX registry key is located in the following path:
      HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\Security
    • Assume that you have a document that has combo box content controls that are linked to custom XML parts in a document in Word 2013. After you select a value in one of these controls and then do an undo and a save operation, the type of some content controls is changed from combo box to rich text and loses the mapping to the node in the custom XML part.
    • When you use certain fonts to enter a nonbreaking hyphen to a document in Word 2013, a square is displayed instead of a nonbreaking hyphen.
    • The Do Not Forward business bar information string is cropped and it isn't fully displayed in some non-English versions of Outlook 2013.
    • Assume that you have a document that has footnotes and both manual and automatic page breaks in Word 2013. You set the Numbering to Restart each page in the Footnote and Endnote dialog box. When you print a document in the background, footnote numbers in the printout are numbered consecutively and aren't restarted on each page.
    • When you sort a column of a pivot table that contains more than 1,020 rows in Excel 2013, the data isn't sorted.
    • After you exit slide show of a presentation in PowerPoint 2013, the topology stays extended but does not change to duplicate.
    • When you copy and paste a shape programmatically in a presentation in PowerPoint 2013, the shape isn't pasted as expected. For example, the shape may appear on an incorrect slide, or another shape may take on unexpected formatting.
    • You may be redirected to a URL that's set in the redirect_uri parameter unnoticeably because the redirect URL isn't validated.
    • When you right-click a chart and then select Move Chart to move a chart that contains alternative text to a different sheet, the alternative text defined for the chart disappears.
    • When you sort a column of a pivot table that contains more than 1,020 rows in Excel 2013, the data isn't sorted.
    • Text entries of a data validation list are obscured by an unexpected black rectangle in right-to-left worksheets in Excel 2013.
    • After you call some object models (Range.NumberFormat, Range.HasFormula, Range.HasArray) in Excel 2013, the formula bar doesn't work.
    • When you link a SharePoint list to an Access app, you receive the following error message:
      An error occurred in the client while attempting to communicate with the server.
    • After you set the OverrideDisableAllActiveX Group Policy setting, you can't run the trusted WebBrowser ActiveX control or import wizard in Access 2010 even though you set the DisableAllActiveX Group Policy setting. Additionally, you receive the following error message in the import wizard:
      There is no object in this control.
      The Group Policy is set under the following registry key:
      HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\Security
    • When you open or edit documents that have check boxes in Word 2010 on a Windows 10-based computer, the documents may have incorrect layouts.
    • When you view the physical % complete field on an inserted project summary task in a master project, the value doesn't always reflect the same value on the project summary task within the subproject. In addition, if you open the master project and the subproject isn't in memory, the physical % value is displayed as 0%.
    • When you select a suggestion item from the suggestion list of a combo box in a workbook in Excel 2010, the selected suggestion item isn't selected in the combo box as expected.
    • After you set the OverrideDisableAllActiveX Group Policy setting, you can't run the trusted WebBrowser ActiveX control or import wizard in Access 2010 even though you set the DisableAllActiveX Group Policy setting. Additionally, you receive the following error message in the import wizard:
      There is no object in this control.
      This issue occurs after you apply March 10, 2015, update for Access 2010 (KB2837601). The Group Policy is set under the following registry key:
      HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\Security
    • After you experience certain http errors such as time-out in Outlook 2013, Outlook 2013 may not connect to the mail server.
    • When you select a suggestion item from the suggestion list of a combo box in a workbook in Excel 2013, the selected suggestion item isn't selected in the combo box as expected.
    • The "shared with" list of a file is deleted under the Info pane on the File menu. To see with whom your file is shared, go to the Share pane on the File menu.
    • You can't check in or check out documents in SharePoint Server 2013 if you have an intranet connection but not an Internet connection.
    • When you try to reply or forward an email message that contains a linked image, Outlook 2013 freezes before the image is displayed.
    • Even after you successfully enter your credentials, Office apps continue to prompt for credentials.
    • When you use the MAPI over HTTP transport protocol in Outlook 2013, you may experience repeated reconnect attempts because the X-PendingPeriod header field isn't respected.

      Note To fix this issue, install this update together with November 10, 2015, update for Outlook 2013 (KB3101488). See KB3101355 for more information.
    • Web Services Trust Language (WS-Trust) 2005 support for username or password workflow is broken.
    • After you install October 13, 2015, update for Office 2013 (KB3085566), you can't synchronize files by using the OneDrive for Business client, you receive the error "Credentials needed" or "Please enter your credentials," and you have no option available to enter your credentials.
    • Custom add-in (.vsl) files can't be loaded if dependent .dll files that the add-in needs aren't located in the Office15 or the Windows\System32 folder.
    • Assume that you save a Visio 2013 presentation in the HTML format and then view it in Internet Explorer. When you then search for text and then click an item in the list of found occurrences of the search text, the item is not indicated with an arrow in the drawing.
    • After you apply status updates to project schedules, the actual work contours on some assignments unexpectedly display zero actual work values in various time periods.
    • Assume that you display the Hyperlink field in Project Professional. On a task, you enter an address in the Hyperlink field to a document that's stored on a SharePoint site, and then you click the link. Sometimes in this situation, instead of the document being opened, you're redirected to the root site where the document stores.
    • Assume that you have a summary task that contains one or more subtasks. Then, you make the summary task a non-summary task (either by outdenting all subtasks or by deleting all subtasks). In this scenario, the internal property on the task that specifies the duration format (minutes, hours, days, weeks, and months) may not get set correctly. Therefore, when you publish the project, the reporting data is inaccurate, and the duration of the given task isn't correct. 
    • When you use an auto filter on a text type field (such as the task name) and the values in the field are many and varied, Project 2013 may crash.
    • In some cases, a task's % Complete displays 99% even though the % Work Complete on all the assignments on the task shows 100%.
    • Saving to a SharePoint task list from Project Professional 2013 may fail when there's both an enterprise resource and a user account on the Project Server that share the same name.
    • When you save a project back to a server, you receive the following error message:
      Project Web App was unable to find the specified resource.

    • After you import and merge data from an external source (such as an Excel Workbook), only the first assignment on the task is updated.

More Information

Security update deployment information
File hash information
How to get help and support for this security update
Properties

Article ID: 3104540 - Last Review: Feb 15, 2017 - Revision: 2

Word Viewer, Word 2016, Visio Professional 2016, Visio Standard 2016, Skype for Business 2016, Microsoft Publisher 2016, PowerPoint 2016, OneNote 2016, Microsoft Office 2016 for Mac, Excel 2016, Access 2016, Microsoft Office Home and Business 2016, Microsoft Office Home and Business 2016, Microsoft Office Home and Business 2016, Microsoft Office Home and Business 2016, Microsoft Office Home and Student 2016, Microsoft Office Home and Student 2016, Microsoft Office Home and Student 2016, Microsoft Office Home and Student 2016, Microsoft Office Personal 2016, Microsoft Office Professional 2016, Microsoft Office Professional 2016, Microsoft Office Professional 2016, Microsoft Office Professional 2016, Microsoft Office Professional 2016, Microsoft Office Professional 2016, Microsoft Office Professional 2016, Microsoft Office Professional 2016, Microsoft Office Professional 2016, Microsoft Office Professional Plus 2016, Microsoft Office Standard 2016, Microsoft Office 2013 Service Pack 1, Microsoft Excel 2013, Microsoft Access 2013, Microsoft InfoPath 2013, Microsoft Lync 2013, Skype for Business, Microsoft OneNote 2013, Microsoft PowerPoint 2013, Microsoft Publisher 2013, Microsoft Word 2013, Microsoft Visio 2013 Service Pack 1, Microsoft Project 2013 Service Pack 1, Microsoft Project Professional 2016, Microsoft Project Standard 2016, Microsoft SharePoint Server 2013 Service Pack 1, Microsoft SharePoint Server 2010 Service Pack 2, Microsoft Office Web Apps Service Pack 2, Microsoft Office 2010 Service Pack 2, Microsoft Access 2010, Microsoft Excel 2010, Microsoft InfoPath 2010, Microsoft OneNote 2010, Microsoft PowerPoint 2010, Microsoft Publisher 2010, Microsoft Word 2010, Microsoft Office Web Apps Server 2013 Service Pack 1, Microsoft Visio 2010 Service Pack 2, Microsoft Office Visio 2007 Service Pack 3, Microsoft Office Word 2007, Microsoft Office Word 2007 (Home and Student version), Microsoft Office SharePoint Server 2007, Microsoft Office Publisher 2007, Microsoft Project 2010 Service Pack 2, Microsoft Office Project 2007 Service Pack 3, Microsoft Office PowerPoint 2007, Microsoft Office OneNote 2007, Microsoft Office for Mac Academic 2011, Microsoft Office for Mac Home and Business 2011, Microsoft Office for Mac Home and Business 2011 Home Use Program, Microsoft Office for Mac Home and Student 2011, Microsoft Office for Mac Standard 2011, Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats, Microsoft Office Excel Viewer 2007, Microsoft Office InfoPath 2007, Microsoft Office Excel 2007, Microsoft Office Excel 2007 (Home and Student version), Microsoft Office Access 2007, 2007 Microsoft Office Suite Service Pack 3

Feedback