MS16-054: Description of the security update for Word 2013: May 10, 2016

Summary

This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Security Bulletin MS16-054.

Note To apply this security update, you must have the release version of Service Pack 1 for Microsoft Office 2013 installed on the computer.

For a complete list of affected versions of Microsoft Office software, see Microsoft Knowledge Base article KB3155544.

Improvements and fixes

This security update contains improvements and fixes for the following nonsecurity issues:
  • Assume that you have a document that's digitally signed and the document has controls that's bound to the document metadata. After the document metadata is updated, Word 2013 still considers the document signature as valid.
    BUG #: 3516392 (Office15)
  • After you enable and disable Split window for a document that has an ActiveX control in Word 2013, Word 2013 crashes.
    BUG #: 3516728 (Office15)
  • When you scroll through a document that has an ActiveX control in Word 2013, the ActiveX control is switched to design mode.
    BUG #: 3516806 (Office15)
  • After you compare or combine two versions of a document that are coauthored by different coauthors in Word 2013, some or even all OLE objects are marked as changed.
    BUG #: 3516915 (Office15)

How to get and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see the "Turn on automatic updating in Control Panel" section of this Safety & Security Center article.

Method 2: Microsoft Download Center

You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

More Information

Security update deployment information

For deployment information about this update, see Microsoft Knowledge Base article KB3155544.

Security update replacement information

This security update replaces previously released security update KB3114937.

File hash information

Package NamePackage Hash SHA 1Package Hash SHA 2
word2013-kb3115025-fullfile-x64-glb.exe733197E560DAB1E19FF738FED1EE1AF309711815CE475792CDEDDB1061524A30B15954C3710E3701E21A0C5AAE6C71A6D0AF8FFE
word2013-kb3115025-fullfile-x86-glb.exeC6306C17260CA692DB725AFBECC257947E3D3EA36373439FED00CA80089065341E61BFB129AF18CD30344FEF5B4581918F7DFA8C
File information
How to get help and support for this security update
Properties

Article ID: 3115025 - Last Review: May 10, 2016 - Revision: 1

Feedback