MS14-022: Description of the security update for SharePoint Designer 2013: May 13, 2014

Introduction
This security update resolves vulnerabilities in Microsoft Office server and productivity software that could allow remote code execution if an authenticated attacker sends specially crafted page content to a target SharePoint server.
Summary
Microsoft has released security bulletin MS14-022. To learn more about this security bulletin:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Support and Troubleshooting

Help protect your Windows-based computer from viruses and malware: Virus and Security Solution Center

Local support according to your country: International Support

Known issues with this security update

After you install this security update on all SharePoint servers, you have to run the PSconfig tool to complete the installation.

Prerequisites to apply this security update

To install this security update, you must have Microsoft SharePoint Designer 2013 installed on the computer.

Restart information

You may have to restart the computer after you install this security update.

In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message is displayed that advises you to restart the computer.

To help reduce the possibility that a restart will be required, stop all affected services and close all applications that may use the affected files before you install this security update.

Learn about why you may be prompted to restart your computer after you install a security update on a Windows-based computer.

Security update replacement information

This security update does not replace a previously released security update.

Removal information

You cannot remove this security update.

File information

The English (United States) version of this security update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

For all supported x86-based versions of SharePoint Designer 2013
File nameFile versionFile sizeDateTime
Bdcmeta.xsd26,30025-Apr-201408:23
Bdcmetar.xsd13,08925-Apr-201408:23
Microsoft.office.client.policy.silverlight15.0.4420.101720,12026-Apr-201409:22
Microsoft.office.client.translationservices.silverlight.dll.x6415.0.4420.101728,85626-Apr-201409:22
Microsoft.sharepoint.client.dll15.0.4609.1000470,71225-Apr-201406:25
Microsoft.sharepoint.client.dll_000115.0.4609.1000470,71225-Apr-201406:25
Microsoft.sharepoint.client.documentmanagement.silverlight15.0.4420.101720,16026-Apr-201409:22
Microsoft.sharepoint.client.publishing.silverlight.dll15.0.4420.101761,63226-Apr-201409:22
Microsoft.sharepoint.client.runtime.dll15.0.4561.1000288,96825-Apr-201406:25
Microsoft.sharepoint.client.runtime.dll_000115.0.4561.1000288,96825-Apr-201406:25
Microsoft.sharepoint.client.search.applications.silverlight.dll.x6415.0.4420.101717,60026-Apr-201409:22
Microsoft.sharepoint.client.search.silverlight.dll.x6415.0.4420.101761,60026-Apr-201409:22
Microsoft.sharepoint.client.silverlight.dll15.0.4609.1000423,12026-Apr-201409:22
Microsoft.sharepoint.client.silverlight.runtime.dll15.0.4561.1000188,12826-Apr-201409:22
Microsoft.sharepoint.client.taxonomy.silverlight.dll15.0.4420.101771,33626-Apr-201409:22
Microsoft.sharepoint.client.userprofiles.dll15.0.4567.1000145,10425-Apr-201406:25
Microsoft.sharepoint.client.userprofiles.dll_00115.0.4567.1000145,10425-Apr-201406:25
Microsoft.sharepoint.client.userprofiles.phone.dll15.0.4567.1000144,08825-Apr-201408:23
Microsoft.sharepoint.client.userprofiles.silverlight.dll15.0.4567.1000144,10426-Apr-201409:22
Osfserver_activities_gac15.0.4615.1000266,96826-Apr-201409:22
Osfserver_activities_sdk.x8615.0.4615.1000266,96826-Apr-201409:22
Osfserver_clientdbg_js.x6458,45126-Apr-201409:22
Osfserver_client_dll15.0.4599.100039,12826-Apr-201409:22
Osfserver_client_js.x6434,08326-Apr-201409:22
Osfserver_silverlight_dll15.0.4599.100039,15226-Apr-201409:22
Redist1,56726-Apr-201409:22
Sp.datetimeutil.debug.js.x64114,15426-Apr-201409:22
Sp.datetimeutil.js.x6467,89526-Apr-201409:22
Sp.debug.js.x64984,28226-Apr-201409:22
Sp.documentmanagement.debug.js.x648,97026-Apr-201409:22
Sp.js.x64613,32626-Apr-201409:22
Sp.publishing.debug.js.x64113,88226-Apr-201409:22
Sp.requestexecutor.debug.js.x6481,20126-Apr-201409:22
Sp.requestexecutor.js.x6451,54026-Apr-201409:22
Sp.runtime.debug.js.x64185,61726-Apr-201409:22
Sp.runtime.js.x64111,49326-Apr-201409:22
Sp.search.apps.debug.js.x647,60026-Apr-201409:22
Sp.search.apps.js.x647,60026-Apr-201409:22
Sp.search.debug.js.x64113,91326-Apr-201409:22
Sp.translation.debug.js.x6429,49026-Apr-201409:22
Sp.userprofiles.debug.js.x64140,58126-Apr-201409:22
Sp.userprofiles.js.x64140,57526-Apr-201409:22
Sp_wmd.js.x64191,02926-Apr-201409:22
Taps_tenant.dll.x6415.0.4615.100154,99226-Apr-201409:22
Wefma1_1.xsd57,28826-Apr-201409:22
Wefman.xsd51,97526-Apr-201409:22
Workflowmetadata3,77226-Apr-201409:22
For all supported x64-based versions of SharePoint Designer 2013
File nameFile versionFile sizeDateTime
Apphostwebfeatures.xsd17,57925-Apr-201408:25
Appmanifest.xsd20,39225-Apr-201408:25
Apppartconfig.xsd2,82625-Apr-201408:25
Appsolution.xsd101,25825-Apr-201408:25
Bdcmeta.xsd26,30025-Apr-201408:23
Bdcmetar.xsd13,08925-Apr-201408:23
Camlqry.xsd10,89025-Apr-201408:25
Camlview.xsd19,01425-Apr-201408:25
Coredefs.xsd3,30825-Apr-201408:25
Cpchkers.xsd1,92425-Apr-201408:25
Depl.xsd79,36225-Apr-201408:25
Deplform.xsd87725-Apr-201408:25
Depllook.xsd1,63225-Apr-201408:25
Deplreq.xsd1,26225-Apr-201408:25
Deplroot.xsd1,64225-Apr-201408:25
Deplset.xsd4,49425-Apr-201408:25
Deplsys.xsd3,06525-Apr-201408:25
Depluser.xsd3,38625-Apr-201408:25
Fluidapp.xsd2,72125-Apr-201408:25
Microsoft.office.client.policy.silverlight15.0.4420.101720,12025-Apr-201408:24
Microsoft.office.client.translationservices.silverlight.dll.x6415.0.4420.101728,85625-Apr-201408:24
Microsoft.sharepoint.client.dll15.0.4609.1000470,71225-Apr-201406:25
Microsoft.sharepoint.client.dll_000115.0.4609.1000470,71225-Apr-201406:25
Microsoft.sharepoint.client.documentmanagement.silverlight15.0.4420.101720,16025-Apr-201408:24
Microsoft.sharepoint.client.publishing.silverlight.dll15.0.4420.101761,60825-Apr-201408:25
Microsoft.sharepoint.client.runtime.dll15.0.4561.1000288,96825-Apr-201406:25
Microsoft.sharepoint.client.runtime.dll_000115.0.4561.1000288,96825-Apr-201406:25
Microsoft.sharepoint.client.search.applications.silverlight.dll.x6415.0.4420.101717,60025-Apr-201408:25
Microsoft.sharepoint.client.search.silverlight.dll.x6415.0.4420.101761,60025-Apr-201408:25
Microsoft.sharepoint.client.silverlight.dll15.0.4609.1000423,12025-Apr-201406:25
Microsoft.sharepoint.client.silverlight.runtime.dll15.0.4561.1000188,12825-Apr-201406:25
Microsoft.sharepoint.client.taxonomy.silverlight.dll15.0.4420.101771,33625-Apr-201408:25
Microsoft.sharepoint.client.userprofiles.dll15.0.4567.1000145,10425-Apr-201406:25
Microsoft.sharepoint.client.userprofiles.dll_00115.0.4567.1000145,10425-Apr-201406:25
Microsoft.sharepoint.client.userprofiles.phone.dll15.0.4567.1000144,08825-Apr-201408:23
Microsoft.sharepoint.client.userprofiles.silverlight.dll15.0.4567.1000144,10425-Apr-201408:24
Osfserver_actions4_xsd27,73825-Apr-201408:23
Osfserver_activities_gac15.0.4615.1000266,96825-Apr-201408:23
Osfserver_activities_sdk.x6415.0.4615.1000266,96825-Apr-201408:23
Osfserver_activities_sdk.x8615.0.4615.1000266,96826-Apr-201409:26
Osfserver_clientdbg_js.x6458,45125-Apr-201408:25
Osfserver_client_dll15.0.4599.100039,12825-Apr-201408:25
Osfserver_client_js.x6434,08325-Apr-201408:25
Osfserver_silverlight_dll15.0.4599.100039,15225-Apr-201408:25
Redist1,70526-Apr-201409:26
Resxscriptx.xsd1,22925-Apr-201408:25
Shrulee.xsd1,90925-Apr-201408:25
Shrulew.xsd1,91125-Apr-201408:25
Sp.datetimeutil.debug.js.x64114,15425-Apr-201408:25
Sp.datetimeutil.js.x6467,89525-Apr-201408:25
Sp.debug.js.x64984,28225-Apr-201408:25
Sp.documentmanagement.debug.js.x648,97025-Apr-201408:24
Sp.js.x64613,32625-Apr-201408:25
Sp.publishing.debug.js.x64113,88225-Apr-201408:25
Sp.requestexecutor.debug.js.x6481,20125-Apr-201408:25
Sp.requestexecutor.js.x6451,54025-Apr-201408:25
Sp.runtime.debug.js.x64185,61725-Apr-201408:25
Sp.runtime.js.x64111,49325-Apr-201408:25
Sp.search.apps.debug.js.x647,60025-Apr-201408:24
Sp.search.apps.js.x647,60025-Apr-201408:24
Sp.search.debug.js.x64113,91325-Apr-201408:24
Sp.translation.debug.js.x6429,49025-Apr-201408:24
Sp.userprofiles.debug.js.x64140,58125-Apr-201408:23
Sp.userprofiles.js.x64140,57525-Apr-201408:23
Spkvp.xsd1,72725-Apr-201408:25
Spmtlprm.xsd3,85725-Apr-201408:25
Sp_wmd.js.x64191,02925-Apr-201408:26
Taps_tenant.dll.x6415.0.4615.100154,99225-Apr-201408:26
Usercode.xsd4,29325-Apr-201408:25
Wefma1_1.xsd57,28825-Apr-201408:25
Wefman.xsd51,97525-Apr-201408:25
Wfaction.xsd14,03325-Apr-201408:25
Workflowmetadata3,77225-Apr-201408:23
Wss.xsd112,46325-Apr-201408:25
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service dos
Properties

Article ID: 2863854 - Last Review: 05/13/2014 18:32:00 - Revision: 1.0

Microsoft SharePoint Designer 2013

  • kbqfe kbexpertiseinter kbsecurity kbsecbulletin kbsecvulnerability kbbug kbfix kbsurveynew KB2863854
Feedback