Description of the security update for Word 2016: January 8, 2019

Applies to: Word 2016

Summary


This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2019-0561 and Microsoft Common Vulnerabilities and Exposures CVE-2019-0585.

Note To apply this security update, you must have the release version of Microsoft Word 2016 installed on the computer.

Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer (.msi)-based edition of Office 2016. It doesn't apply to the Office 2016 Click-to-Run editions, such as Microsoft Office 365 Home (see Determining your Office version).

Improvements and fixes


This security update contains the following improvements:
  • Adds support for future Japanese eras in date fields.

  • Adds support for embedding base64 encoded images in Word 2016.

  • Improves Chinese Traditional translations of the formatted page label in the status bar in the lower-left corner of a document.

This security update contains fixes for the following nonsecurity issues:
  • Considering the following conditions:

  • There are two consecutive optional hyphens in a word in a paragraph in a document.
  • The paragraph is justified through the Justify command in the Paragraph Ribbon.
  • Nonprinting characters are turned on.

In this case, when you type text until the word that contains two consecutive optional hyphens is broken to the next line, Word 2016 crashes.

  • When you open a Word 2010 document that contains a lot of blank spaces in cells in a table by using Word 2016, Word 2016 hangs.

  • When the text in a textbox ends with a hidden paragraph mark and you turn nonprinting characters off, the last line of the text moves down.

  • After you accept or reject the track changes in a date picker control in a document, when you click out of the date picker control, the control is marked as a change again.

  • When you receive an email message that contains a large inline image, the image is compressed and unreadable if it contains text.

  • When you attach a file in an email message, the attachment name is truncated.

  • If Caps Lock key is turned on when the cursor focus is not in Word 2016, the Correct accidental usage of Caps Lock key option that is enabled in the AutoCorrect options won’t work as expected. For example, if you type “tHIS” in a document, that word won’t be replaced by “This”, and Caps Lock won’t be automatically turned off.

  • This update fixes the following issues that concern Quick Parts:

  • When you insert a SharePoint Library column as a Quick Part in a document that contains double-byte character sets (DBCS) characters in the filename, Word 2016 crashes.
  • If a SharePoint lookup field’s name contains a space or other special characters, the text for the field values is not displayed when you insert it as a Quick Part in a Word document.

How to get and install the update


Method 1: Microsoft Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

More Information


Security update deployment information

For deployment information about this update, see security update deployment information: January 8, 2019.

Security update replacement information

This security update replaces previously released update KB 4461504.

File hash information

File name SHA1 hash SHA256 hash
word2016-kb4461543-fullfile-x86-glb.exe D288B13DDAD577DA085717981213524842A9052A AEB22517486B84DFDCE6AA59683C066362827B61AFFA6758B7A006C046D0F23F
word2016-kb4461543-fullfile-x64-glb.exe 8DF30924A4C97A6619F26E556686EF141B8496EA A492244481608E37F1F6D1BE28334E1190E91011857D28D81CEEA2A03ED04AE1


File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

How to get help and support for this security update


Help for installing updates: Protect yourself online

Help for protecting your Windows-based computer from viruses and malware: Microsoft Security

Local support according to your country: International Support