This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2018-0907.
Note To apply this security update, you must have the release version of Excel 2016 installed on the computer.
Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer (.msi)-based edition of Office 2016. It doesn't apply to the Office 2016 Click-to-Run editions, such as Microsoft Office 365 Home. (Determining your Office version)
Note Security update 4011220 addresses a risk that is associated with macros that are assigned to objects in an Excel workbook. Update 4011220 now warns users about the potential security risk by showing the trust bar. The content at risk is not part of what is digitally signed when workbook macros are digitally signed. Update 4011220 may change customer scenarios that rely on digitally signed macros that are attached to objects in the workbook. This is because, by design, this feature does not show the trust bar. Therefore, there would be no way for users to allow such documents to function.
Based on customer feedback, we have released security update 4011727. This is a less restrictive update that addresses the majority of those customer cases. Ideally, customers don’t have to change the relevant registry setting because the default behavior currently maps to more lenient settings. This could be changed in the future if it is necessary.
- If users were not affected by CVE-2017-11877 and don’t rely on the digitally signed macros feature, they could restore the registry setting to the more restrictive and safer behavior.
- If users have critical business processes that are still broken even after update 4011727 is installed to address digitally signed macros on objects, they can change the registry setting to allow the macros.
Note We do not recommend that you change the registry setting to allow the macros because this will expose the system to a known possible attack vector.
For more information about security update 4011220, see Microsoft Common Vulnerabilities and Exposures CVE-2017-11877.
For more information about security update 4011727, see Microsoft Common Vulnerabilities and Exposures CVE-2018-0907.
Improvements and fixes
This security update contains improvements and fixes for the following nonsecurity issues:
This security update also contains the following improvements for Excel 2016:
- Improves the translation of the Defer Layout Update check box for the Danish version
A new registry key has been added to provide more control over object macros security. The "RestrictObjectMacros" DWORD registry key under HKCU\Software\Microsoft\Office\16.0\Excel\Security supports the following values:
0 (or not present) – Default behavior
1 – Strict
2 – Lenient
3 – None (not recommended)
Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756 How to back up and restore the registry in Windows
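An added example, not part of the original article and not Microsoft's own tooling: a PowerShell audit that reads RestrictObjectMacros from every user hive currently loaded under HKEY_USERS and reports which of the documented modes applies. The function name, the SID filter and the finding labels are assumptions made for illustration.

```powershell
# Added example: report the RestrictObjectMacros mode for each loaded user hive.
# Key path, value name and value meanings come from the article; the rest is illustrative.
$subKey  = 'Software\Microsoft\Office\16.0\Excel\Security'
$name    = 'RestrictObjectMacros'
$meaning = @{ 0 = 'Default behavior'; 1 = 'Strict'; 2 = 'Lenient'; 3 = 'None (not recommended)' }

function Get-ObjectMacroSetting {   # hypothetical helper name
    # HKCU is a view of HKEY_USERS\<SID>; only hives of logged-on users are loaded.
    # The filter keeps local/domain (S-1-5-21) and Azure AD (S-1-12-1) accounts
    # and skips service accounts and the *_Classes hives.
    $hives = Get-ChildItem -Path 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue |
        Where-Object { $_.PSChildName -match '^S-1-(5-21|12-1)-[\d-]+$' }

    foreach ($hive in $hives) {
        $sid = $hive.PSChildName
        $key = Get-Item -Path "Registry::HKEY_USERS\$sid\$subKey" -ErrorAction SilentlyContinue
        $raw = if ($key) { $key.GetValue($name, $null) } else { $null }

        if ($null -eq $raw) {
            # Key or value absent: the article treats this the same as 0.
            $mode = $meaning[0]; $finding = 'OK (value not present)'
        }
        elseif ($key.GetValueKind($name) -ne 'DWord') {
            # The article defines a DWORD; any other type is not a documented setting.
            $mode = 'Unknown'; $finding = 'REVIEW: value is not a DWORD'
        }
        elseif ($meaning.ContainsKey([int]$raw)) {
            $mode = $meaning[[int]$raw]
            $finding = if ($raw -eq 3) { 'NOT RECOMMENDED: object macros allowed' } else { 'OK' }
        }
        else {
            $mode = 'Unknown'; $finding = 'REVIEW: undocumented value'
        }

        [pscustomobject]@{ Sid = $sid; Raw = $raw; Mode = $mode; Finding = $finding }
    }
}

Get-ObjectMacroSetting | Format-Table -AutoSize
```

Run it elevated to see hives other than your own; profiles of users who are not logged on are not loaded and do not appear in the output.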
This security update contains fixes for the following nonsecurity issues:
- This update fixes an issue in which you create Boolean fields by using the CreatePivotFields method in Excel VBA.
- For files that contain special characters in the worksheet names, you may experience file corruption issues on a round trip across some locales. Additionally, you receive an error message that resembles the following:
Excel found unreadable content in 'FileName '. Do you want to recover the contents of this workbook? If you trust the source of this workbook, click Yes.
- The Show Details (drill-through) function may not work.
- You cannot edit any cells if the Application.DisplayFormulaBar and Application.ScreenUpdating properties in VBA are set to FALSE in Excel 2016.
- Fixes the translation of the TRIM function for the Danish version and the Dutch version.
How to get and install the update
Method 1: Microsoft Update
This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Windows Update: FAQ.
Method 2: Microsoft Update Catalog
To get the stand-alone package for this update, go to the Microsoft Update Catalog website.
Method 3: Microsoft Download Center
You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.
Security update deployment information
For deployment information about this update, see security update deployment information: March 13, 2018.
Security update replacement information
This security update replaces previously released security update 4011627.
The English version of this security update has the file attributes (or later file attributes) that are listed in the following table. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.
How to get help and support for this security update
Help for installing updates: Windows Update FAQ
Security solutions for IT professionals: Security Support and Troubleshooting
Help for protecting your Windows-based computer from viruses and malware: Microsoft Secure
Local support according to your country: International Support
Propose a feature or provide feedback on Office Core: Office User Voice portal