Description of the security update for Project Server 2013: May 9, 2017

Applies to: Microsoft Project Server 2013 Service Pack 1


This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2017-0281.

Note To apply this security update, you must have the release version of Project Server 2013 Service Pack 1 installed on the computer.

Improvements and fixes

This security update fixes the following nonsecurity issues:
  • Some summary resource assignment work or actual work values may have large negative numbers. This issue may cause the project publish process to fail.


  • When you create a project web app instance at the root, and then you create project sites under a different site collection, you can't use the project details link in the project sites to return to the project. Instead, you may see an error message that resembles the following: 

    This page can't be displayed

    Make sure the web address http://projectdrilldown.aspx is correct.

    Look for the page with your search engine.

    Refresh the page in a few minutes.


  • Consider the following scenario:

    • In project professional, you publish a project that contains a collapsed summary task.

    • You open the project in Project Web App, and then you edit the project.

    • You apply a filter to the project that sets criteria that should display tasks that are underneath the collapsed summary task.

    In this scenario, tasks that should appear do not appear.


How to get and install the update

Method 1: Microsoft Update

Method 2: Microsoft Update Catalog

Method 3: Microsoft Download Center

More Information

Security update deployment information

For deployment information about this update, see security update deployment information: May 9, 2017.

Security update replacement information

This security update does not replace any previously released security update.

File hash information

Package name Package hash SHA 1 Package hash SHA 2
pjsrvloc2013-kb3191890-fullfile-x64-glb.exe EF4025146FF613FA8C42E678BDFEA0CA2A9A315D 6E76A95E8A8DFDC4EFF7610412E8CF10913B3C351F545040FE2CFDADFBDDBC49

File information

How to get help and support for this security update