MS14-022: Description of the security update for Windows SharePoint Services 3.0: May 13, 2014

Introduction
This security update resolves vulnerabilities in Microsoft Office server and productivity software that could allow remote code execution if an authenticated attacker sends specially crafted page content to a target SharePoint server.
Summary
Microsoft has released security bulletin MS14-022. To learn more about this security bulletin:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security support and troubleshooting

Help protect your Windows-based computer from viruses and malware: Virus and Security Solution Center

Local support according to your country: International support

Known issues with this security update

After you install this security update, you have to run the PSconfig tool to complete the installation process.  

Prerequisites to apply this security update

To apply this security update, you must have Service Pack 3 for Windows SharePoint Services 3.0 installed on the computer.

For more information about how to obtain the service pack, click the following article number to view the article in the Microsoft Knowledge Base:
949582 How to obtain the latest service pack for Windows SharePoint Services 3.0

Restart information

You may have to restart the computer after you install this security update.

In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message is displayed that advises you to restart the computer.

To reduce the possibility that a restart will be required, stop all affected services and close all applications that may use the affected files before you install this security update.

For more information, see why you may be prompted to restart your computer after you install a security update on a Windows-based computer.

Security update replacement information

This security update replaces the following security update:
2760420 MS13-067: Description of the security update for Windows SharePoint Services 3.0: September 10, 2013

Removal information

You cannot remove this security update.

File information

The English (United States) version of this security update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

For all supported x86-based versions of Windows SharePoint Services 3.0
File nameFile versionFile sizeDateTime
Cfgupddl.sql13807-Jun-201201:35
Configdb.sql66,82307-Jun-201202:17
Configup.sql50,05607-Jun-201201:35
Dwdcw20.dll12.0.6650.5000439,12831-Aug-201112:33
Fldedit.asx181,48808-Feb-201201:10
Fldnew.asx177,04508-Feb-201201:10
Listedit.asx38,33108-Feb-201201:10
Microsoft_sharepoint_dsp_oledb.dll12.0.6650.5000128,88831-Aug-201108:26
Microsoft_sharepoint_dsp_soappt.dll12.0.6650.500087,92831-Aug-201108:26
Microsoft_sharepoint_dsp_sts.dll12.0.6650.5000104,31231-Aug-201108:26
Microsoft_sharepoint_dsp_xmlurl.dll12.0.6650.500087,92831-Aug-201108:26
Microsoft_web_design_server.dll12.0.6650.5000403,33631-Aug-201112:57
Mssph.dll_0001.x8612.0.6650.5000703,31227-Aug-201107:16
Mssrch.dll_0001.x8612.0.6660.50002,066,70414-Mar-201205:21
Offprsx.dll12.0.6671.50001,135,22428-Nov-201202:34
Onetutil.dll12.0.6690.50001,981,12016-Nov-201303:02
Owssvr.dll_000112.0.6690.50003,060,40816-Nov-201303:32
Qstedit.asx190,58108-Feb-201201:11
Qstnew.asx175,26008-Feb-201201:11
Searchom.dll_0003.x8612.0.6650.50001,466,75231-Aug-201110:51
Searchom.dll_0005.x8612.0.6650.50001,466,75231-Aug-201110:51
Sigcfg.cer68907-Jun-201202:17
Sigcfg.dll8,79207-Jun-201202:17
Sigcfg.sql42,67907-Jun-201202:17
Sigsdb.cer.x8668908-Jan-201309:59
Sigsdb.dll.x868,76808-Jan-201309:59
Sigsdb.sql.x86154,68408-Jan-201309:59
Sigstore.cer68920-Jun-201303:51
Sigstore.dll8,86420-Jun-201303:51
Sigstore.sql404,96520-Jun-201303:51
Store.sql2,796,30120-Jun-201303:51
Storeup.sql2,721,42420-Jun-201303:09
Stoupddl.sql13820-Jun-201303:09
Sts.workflows.dll12.0.6650.500071,54431-Aug-201108:26
Stsadm.exe12.0.6652.5000587,68022-Sep-201112:59
Stsap.dll12.0.6676.5000629,45608-Mar-201302:17
Stsapa.dll12.0.6650.5000268,15231-Aug-201108:26
Stslib.dll_000112.0.6672.5000129,64018-Dec-201206:04
Stsom.dll12.0.6690.50009,624,24816-Nov-201303:32
Stsom.dll_000112.0.6690.50009,624,24816-Nov-201303:32
Stssoap.dll12.0.6662.5000313,96811-Jun-201206:09
Stswel.dll12.0.6690.50001,938,61616-Nov-201303:32
Stswfacb.dll12.0.6650.5000194,45631-Aug-201108:26
Stswfact.dll12.0.6650.5000194,45631-Aug-201108:26
Svrsetup.exe12.0.6672.5000439,89619-Dec-201204:54
Timezone.xml74,03229-Aug-201212:13
Tquery.dll_0002.x8612.0.6650.50002,358,09627-Aug-201107:16
Wsdisco.asx1,80606-Mar-201306:27
Wss.search.sql.x86432,51508-Jan-201309:59
Wss.search.up.sql.x86339,78708-Jan-201309:34
Wssadmin.exe_000112.0.6662.500016,03211-Jun-201206:09
Wssadmop.dll_000112.0.6662.5000486,00011-Jun-201206:09
Wsssetup.dll12.0.6672.50006,787,14419-Dec-201204:54
Wswsdl.asx1,90406-Mar-201306:27
Xmlfiltr.dll.x862008.1231.6650.5000102,24827-Aug-201112:42
For all supported x64-based versions of Windows SharePoint Service 3.0
File nameFile versionFile sizeDateTime
Cfgupddl.sql13807-Jun-201201:35
Configdb.sql66,82307-Jun-201202:17
Configup.sql50,05607-Jun-201201:35
Dwdcw20.dll12.0.6606.10001,095,51220-Jul-201111:54
Fldedit.asx181,48808-Feb-201201:10
Fldnew.asx177,04508-Feb-201201:10
Listedit.asx38,33108-Feb-201201:10
Microsoft_sharepoint_dsp_oledb.dll12.0.6602.1000128,88822-Jun-201104:04
Microsoft_sharepoint_dsp_soappt.dll12.0.6602.100087,92822-Jun-201104:04
Microsoft_sharepoint_dsp_sts.dll12.0.6602.1000104,31222-Jun-201104:04
Microsoft_sharepoint_dsp_xmlurl.dll12.0.6602.100087,92822-Jun-201104:04
Microsoft_web_design_server.dll12.0.6602.1000403,33622-Jun-201103:12
Mssph.dll_0001.x6412.0.6607.10001,959,76002-Aug-201106:18
Mssrch.dll_0001.x6412.0.6660.50004,762,38414-Mar-201205:16
Offprsx.dll12.0.6671.50001,762,93628-Nov-201202:24
Onetutil.dll12.0.6690.50003,386,04816-Nov-201302:54
Owssvr.dll_000112.0.6690.50005,208,76015-Nov-201305:17
Qstedit.asx190,58108-Feb-201201:11
Qstnew.asx175,26008-Feb-201201:11
Searchom.dll_0003.x6412.0.6604.10001,568,64005-Jul-201101:49
Searchom.dll_0005.x6412.0.6604.10001,568,64005-Jul-201101:49
Sigcfg.cer68907-Jun-201202:17
Sigcfg.dll8,79207-Jun-201202:17
Sigcfg.sql42,67907-Jun-201202:17
Sigsdb.cer.x6468908-Jan-201309:59
Sigsdb.dll.x648,76808-Jan-201309:59
Sigsdb.sql.x64154,68408-Jan-201309:59
Sigstore.cer68920-Jun-201303:51
Sigstore.dll8,86420-Jun-201303:51
Sigstore.sql404,96520-Jun-201303:51
Store.sql2,796,30120-Jun-201303:51
Storeup.sql2,721,42420-Jun-201303:09
Stoupddl.sql13820-Jun-201303:09
Sts.workflows.dll12.0.6650.500071,54431-Aug-201108:26
Stsadm.exe12.0.6652.5000587,68020-Sep-201108:19
Stsap.dll12.0.6676.5000629,45608-Mar-201302:09
Stsapa.dll12.0.6602.1000268,15222-Jun-201104:04
Stslib.dll_000112.0.6672.5000129,62418-Dec-201205:26
Stsom.dll12.0.6690.50009,624,24815-Nov-201305:17
Stsom.dll_000112.0.6690.50009,624,24815-Nov-201305:17
Stssoap.dll12.0.6662.5000313,96807-Jun-201202:07
Stswel.dll12.0.6690.50003,331,25615-Nov-201305:17
Stswfacb.dll12.0.6602.1000194,45622-Jun-201104:04
Stswfact.dll12.0.6602.1000194,45622-Jun-201104:04
Svrsetup.exe12.0.6672.5000439,89619-Dec-201204:54
Timezone.xml74,03229-Aug-201212:13
Tquery.dll_0002.x6412.0.6604.10004,784,46405-Jul-201101:49
Wsdisco.asx1,80606-Mar-201306:27
Wss.search.sql.x64432,51508-Jan-201309:59
Wss.search.up.sql.x64339,78708-Jan-201309:34
Wssadmin.exe_000112.0.6662.500016,03207-Jun-201202:07
Wssadmop.dll_000112.0.6662.5000486,00007-Jun-201202:07
Wsssetup.dll12.0.6672.50006,787,14419-Dec-201204:54
Wswsdl.asx1,90406-Mar-201306:27
Xmlfiltr.dll.x642008.1231.6605.1000204,13612-Jul-201110:13
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service dos
Properties

Article ID: 2837616 - Last Review: 05/13/2014 18:10:00 - Revision: 1.0

Microsoft Windows SharePoint Services 3.0 Service Pack 3

  • kbqfe kbbug kbexpertiseinter kbsecurity kbsecbulletin kbsecvulnerability kbfix kbsurveynew KB2837616
Feedback