MS17-014: Description of the security update for Excel 2010: March 14, 2017

Summary

This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Security Bulletin MS17-014.

Note To apply this security update, you must have the release version of Service Pack 2 for Office 2010 installed on the computer.

For a complete list of affected versions of Microsoft Office software, see Microsoft Knowledge Base article KB4013241.

Improvements and fixes

This security update contains improvements and fixes for the following nonsecurity issues:

When you save a workbook that has future metadata in cells with Boolean or error values in Excel 2010, Excel crashes. Or, the future metadata in cells with Boolean or error values are corrupted.
When you copy and paste a range of data that includes external links cross workbooks in Excel 2010, Excel crashes.
When you use the Allow Users to Edit Ranges function to add a user to a range data in Excel 2010, Excel crashes.

Known issues in this security update

After you install this security update, Excel 2010 may crash or hang (stop responding or freeze) when calculations are performed in a workbook. The calculations may be triggered either by code or by user interaction.

To resolve this issue, install the March 28, 2017 update for Excel 2010 (KB3191855). For more information, click the following article number to view the article in the Microsoft Knowledge Base:
3191855 March 28, 2017, update for Excel 2010 (KB3191855)

How to get and install the update

Method 1: Microsoft Update

Method 2: Microsoft Update Catalog

Method 3: Microsoft Download Center

More Information

Security update deployment information

For deployment information about this update, see Microsoft Knowledge Base article KB4013241.

Security update replacement information

This security update replaces previously released security update KB3128037.

File hash information

Package Name	Package Hash SHA 1	Package Hash SHA 2
excel2010-kb3178690-fullfile-x86-glb.exe	A672A9D6065BB4E4747C6CC6997F54C135CA0127	635098AE2E40CE45581268CB0217EC6C728C4C56FA027C9F3939AC18717DDE44
excel2010-kb3178690-fullfile-x64-glb.exe	DA89B374474DEE452900DD36EC56F24CF0964C54	1603A7831E3484B395FBE9FE18558E91ED5FE82E6931579F2FF9318A6FBB94C2

File information

The English version of this security update has the file attributes (or later file attributes) that are listed in the following table.

For all supported x86-based versions of Excel 2010

File identifier	File name	File version	File size	Date	Time
excel.exe	excel.exe	14.0.7179.5000	20,412,096	17-Feb-2017	01:39
excel.man	excel.exe.manifest		1,194	06-Nov-2009	12:00
xl12cnv.exe	excelcnv.exe	14.0.7179.5000	17,849,536	16-Feb-2017	11:26
xlcall32.dll	xlcall32.dll	14.0.7162.5000	10,432	13-Oct-2015	07:52
xlicons.exe	xlicons.exe	14.0.7120.5000	1,480,360	05-Mar-2014	07:06

For all supported x64-based versions of Excel 2010

File identifier	File name	File version	File size	Date	Time
excel.exe	excel.exe	14.0.7179.5000	27,668,160	17-Feb-2017	01:42
excel.man	excel.exe.manifest		1,196	06-Nov-2009	12:23
xl12cnv.exe	excelcnv.exe	14.0.7179.5000	25,062,080	16-Feb-2017	11:25
xlcall32.dll	xlcall32.dll	14.0.7162.5000	10,944	13-Oct-2015	08:00
xlicons.exe	xlicons.exe	14.0.7120.5000	1,480,360	05-Mar-2014	07:06