You are currently offline, waiting for your internet to reconnect

MS14-017: Vulnerabilities in Microsoft Word and Office Web Apps could allow remote code execution: April 8, 2014

Support for Office 2003 has ended

Microsoft ended support for Office 2003 on April 8, 2014. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

This update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a specially crafted file is opened in an affected version of Microsoft Office.
Microsoft has released security bulletin MS14-017. Learn more about how to obtain the fixes included in this security bulletin: To have us fix this problem for you, go to the "Fix it for me" section.
Fix it for me
The Fix it solution described in this section is not intended to be a replacement for any security update. We recommend that you always install the latest security updates. However, we offer this Fix it solution as a workaround option for some scenarios.

For more information about this workaround, go to the following Microsoft Security Advisory webpage: The advisory provides more information about the issue. This includes the following:
  • The scenarios in which you might apply or disable the workaround.
  • How to manually apply the workaround.
Specifically, to see this information, expand the Suggested actions section, and then expand the Workarounds section.

To enable or disable this Fix it solution, click the Fix it button or link under the Enable this fix it heading or under the Disable this fix it heading, click Run in the File Download dialog box, and then follow the steps in the Fix it wizard.

Disable opening RTF content in Microsoft Word

Enable this fix itDisable this fix it

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

More information about this security update

Known issues and additional information about this security update

The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed below each article link.
  • 2878303 MS14-017: Description of the security update for Word 2003: April 8, 2014

    The following are the known issues in security update 2878303. For more information about these known issues, see security update 2878303.
  • 2878237 MS14-017: Description of the security update for Word 2007: April 8, 2014
  • 2863926 MS14-017: Description of the security update for Word 2010 Service Pack 1 and Service Pack 2: April 8, 2014
  • 2863919 MS14-017: Description of the security update for Word 2010 Service Pack 1 and Service Pack 2: April 8, 2014
  • 2863910 MS14-017: Description of the security update for Office 2013 and Office 2013 RT: April 8, 2014
  • 2939132 MS14-017: Description of the Microsoft Office for Mac 2011 14.4.1 Update: April 8, 2014
  • 2878304 MS14-017: Description of the security update for Word Viewer: April 8, 2014
  • 2878236 MS14-017: Description of the security update for the Office Compatibility Pack: April 8, 2014
  • 2863907 MS14-017: Description of the security update for Word Automation Services in Microsoft SharePoint Server 2013: April 8, 2014
  • 2878220 MS14-017: Description of the security update for Word Automation Services in SharePoint Server 2010: April 8, 2014
  • 2878221 MS14-017: Description of the security update for Word Web Apps: April 8, 2014
  • 2878219 MS14-017: Description of the security update for Office Web Apps Server 2013: April 8, 2014

    The following are the known issues in security update 2878219. For more information about these known issues, see security update 2878219.
    • This security update may fail to install on a computer that is running Microsoft Web Apps Server 2013 if the computer also has Office 2013 Service Pack 1 (SP1) installed. Microsoft is researching this problem. We will post more information in this article when the information becomes available.

File hash information

File nameSHA1 hashSHA256 hash

Article ID: 2949660 - Last Review: 04/08/2014 17:13:00 - Revision: 1.0

Microsoft SharePoint Server 2013, Microsoft SharePoint Server 2010, Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats, Microsoft Office for Mac Academic 2011, Microsoft Office for Mac Home and Business 2011, Microsoft Office for Mac Home and Business 2011 Home Use Program, Microsoft Office for Mac Home and Student 2011, Microsoft Office for Mac Standard 2011, Microsoft Word 2013, Microsoft Word 2010, Microsoft Office Word 2007, Microsoft Office Word 2003, Microsoft Word for Mac 2011, Word Viewer, Microsoft Excel for Mac 2011, Microsoft PowerPoint for Mac 2011, Microsoft Outlook for Mac 2011, Microsoft Office Web Apps Server 2013

  • kbsecvulnerability kbsecurity kbsecbulletin kbfix kbexpertiseinter kbbug atdownload KB2949660
Feedback'ms.dqp0';m.content='true';document.getElementsByTagName('head')[0].appendChild(m);" onload="var m=document.createElement('meta');'ms.dqp0';m.content='false';document.getElementsByTagName('head')[0].appendChild(m);" src=""> 50&did=1&t=">amp;t=">esListForLargeScreens track by $index -->
United States (English)
香港特別行政區 - 繁體中文
El Salvador - Español
Panamá - Español
Uruguay - Español
대한민국 - 한국어
España - Español
Paraguay - Español
Venezuela - Español
://">= 1; var varCustomerTracking = 1; var Route = "76500"; var Ctrl = ""; document.write(" id=1&t=">.appendChild(m);" onload="var m=document.createElement('meta');'ms.dqp0';m.content='false';document.getElementsByTagName('head')[0].appendChild(m);" src=""> y>