Summary
This security update resolves a vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Office file. To learn more about the vulnerability, see Microsoft Security Bulletin MS15-099.
More information about this security update
The following articles contain more information about this security update as it relates to individual product versions. The articles may contain known issue information.
-
KB3085635 MS15-099: Description of the security update for Office 2016: November 10, 2015
-
KB3085560 MS15-099: Description of the security update for Office 2010: November 10, 2015
-
KB3085572 MS15-099: Description of the security update for Office 2013: November 10, 2015
-
KB3085620 MS15-099: Description of the security update for Office 2007: November 10, 2015
-
KB3085543 MS15-099: Description of the security update for Excel 2007: September 8, 2015
-
KB3085526 MS15-099: Description of the security update for Excel 2010: September 8, 2015
-
KB3085502 MS15-099: Description of the security update for Excel 2013: September 8, 2015
-
KB3054995 MS15-099: Description of the security update for Excel Viewer: September 8, 2015
-
KB3054965 MS15-099: Description of the security update for Office 2010: September 8, 2015
-
KB3054932 MS15-099: Description of the security update for Office 2013: September 8, 2015
-
KB3085483 MS15-099: Description of the security update for SharePoint Server 2013: September 8, 2015
-
KB3054813 MS15-099: Description of the security update for SharePoint Server 2013: September 8, 2015
-
Enables single sign-on (SSO) for ADAL on cloud domain-joined computers. On cloud domain-joined computers that have Modern Authentication enabled, domain accounts seem to be logged in. However, you can't open files.
-
Selecting an icon set for a KPI in PowerPivot is ignored in Microsoft Excel 2013.
-
This update also contains fixes for the following nonsecurity issues:
-
Consider the following scenario:
-
You add an ActiveX combo box control or an ActiveX list box control to a workbook in Microsoft Excel 2010.
-
The ListFillRange property of the control refers to the data of another worksheet in the workbook.
-
You zoom the views of both worksheets to different zoom factors that are not 100 percent.
-
You try to change the selection of the combo box control or the list box control.
In this scenario, you may receive the following error message:
Not enough system resources to display completely.
-
-
Charts can't be inserted in other Office applications such as Word or PowerPoint if an add-in from a network location is loaded in Excel 2013.
-
Some object model calls (Range::HasArray, Range:HasFormula and Range::NumberFormat) are slower in Excel 2013 than in earlier versions of Excel.
-
When you try to use a third-party application to host Excel 2013 to open a workbook externally in an Excel window, the window opens without a workbook.
-
When you enable the Always use connection file option for an ODBC connection to any data source such as Microsoft Access or Microsoft SQL Server in Excel 2013, Excel 2013 may crash.
-
Fixes an issue that hides detailed error messages from the Power Query users in various scenarios and causes a generic error notification to be displayed instead.
-
When you print or print preview a worksheet in Excel 2013, the name of a group box (form control) is displayed in an incorrect position.
-
When you copy and paste cells that have conditional formatting set in Excel 2013, the conditional formatting rules are duplicated even though the rules already exist in the cells.Registry information" section to fix this issue.
Note After you apply the update, you have to follow the instructions in the " -
Certain edits in PowerPivot cause Power Query connections to be read-only in Excel and block additional edits in Power Query. For more information, see Editing columns and tables from a Power Query connection is no longer possible by using PowerPivot in Excel 2013.
-
Sometimes you receive an out-of-memory error when you create a new Excel window after you use an Excel preview window in Microsoft Outlook.
-
When you print or print preview a worksheet in Excel 2010, the name of a group box (form control) is displayed in an incorrect position.
-
This update changes the way temporary file names are generated for features such as opening read-only files from share folders, sending workbooks as email attachments and interacting with shared workbooks. Therefore, more valid names for .tmp files can be generated. This greatly increases the number of .tmp files that can be opened before a duplicate name occurs.
-
When a user profile is deleted from My Site, an email is sent to the user's manager. However, this email contains a link to the user's root My Site, and this My Site no longer exists. In addition, you receive the following error message:
User not found.
-
When you type a space in the people picker to add a user to a SharePoint group for a Microsoft SharePoint Server 2013 site, a specified permission is added to the group unexpectedly. However, you expect the people picker to report no match.
-
When you enable the Metadata Navigation and Filtering feature in a SharePoint Server 2013 site and select a metadata tag in the site, no results are displayed if the number of terms in the navigation is large.
-
When the Windows SharePoint Services Tracing (SPTrace) service is set up to run under a managed account and the managed account password is changed through SharePoint, the service isn't updated to use the new password and does not start. You may receive an error message that resembles the following:
Windows could not start the "SharePoint Tracing Service" on Local Computer.
Error: 1069: The service did not start due to a logon failure. -
When you try to change the password of a distributed cache account on a SharePoint Server 2013 server, you receive the following error message if the server does not have a distributed cache service instance provisioned:
Sorry, something went wrong.
Operation is not valid due to the current state of the object. -
You can't set connections for a filter web part on a SharePoint Server 2013 site because the Connection Type combo box has no value.
-
When you try to edit a document in a subfolder of a SharePoint Server 2013 document library, you receive the following error message:
A problem occurred while connecting to the server. If the problem continues, contact your administrator.
This issue occurs if you are granted permission to the document by the Shared With function and if the Require Check Out option is enabled for the document library.
-
When you try to use Microsoft Visio 2013 to check in a file to a SharePoint Server 2013 document library that has required columns, you receive an error message resembles the following:
Internal error: #3400 Action 1787: Check In File.
-
When you open a .pdf file in a SharePoint Server 2013 document library that has the Open in the client application option enabled, the .pdf file is still opened in browser.
-
File name is NULL and IAVFileProperties are empty or invalid in SharePoint VSAPI Scan call for old version documents.
-
When you upload a Word 2013 document that has a certain custom property to a document library, the w3wp.exe process crashes.
-
VSAPI doesn't get a subweb relative URL while it downloads a document through explorer view.
-
When you select links in an item of a promoted link list, all links are opened in the same tab even though the launch behavior is set to open links in a new tab.
-
After you change the color of a task bar on project timelines in project center, the color of other task bars is changed unexpectedly.
-
When you rest the mouse pointer on documents that are returned on the Search Center site, you can't see the preview of the documents but instead receive the following message:
To start seeing previews, please log on by opening the document.This issue occurs if the Search Center site is located on a web application that uses the Kerberos authentication.
-
Performance and correctness issues in Windows Azure plugin.
-
More Information
Microsoft Office 2016 (all editions)
Reference Table
The following table contains the security update information for this software.
Security update file name |
For supported editions of Microsoft Office 2016 (32-bit editions): conv2016-kb3085635-fullfile-x86-glb.exe |
For supported editions of Microsoft Office 2016 (64-bit editions): conv2016-kb3085635-fullfile-x64-glb.exe |
|
Installation switches |
|
Restart requirement |
In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.Microsoft Knowledge Base article 887012. To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart, see |
Removal information |
Use Add or Remove Programs item in Control Panel. |
File information |
|
Registry key verification |
Not applicable |
The 2007 Microsoft Office suite (all editions)
Reference tableThe following table contains the security update information for this software.
Security update file name |
For Microsoft Office 2007 Service Pack 3: convloc2007-kb3085620-fullfile-x86-glb.exe |
Security update file name |
For Microsoft Excel 2007 Service Pack 3: excel2007-kb3085543-fullfile-x86-glb.exe |
For Microsoft Excel Viewer 2007 Service Pack 3: xlview2007-kb3054995-fullfile-x86-glb.exe |
|
For Microsoft Office Compatibility Pack: xlconv2007-kb3054993-fullfile-x86-glb.exe |
|
Installation switches |
|
Restart requirement |
In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.Microsoft Knowledge Base article 887012. To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart, see |
Removal information |
Use Add or Remove Programs item in Control Panel. |
File information |
See Microsoft Knowledge Base article 3085620 See Microsoft Knowledge Base article 3085543 See Microsoft Knowledge Base article 3054995 See Microsoft Knowledge Base article 3054993 |
Registry key verification |
Not applicable |
Microsoft Office 2010 (all editions) and other software
Reference tableThe following table contains the security update information for this software.
Security update file name |
For Microsoft Office 2010 Service Pack 2 (32-bit editions): convloc2010-kb3085560-fullfile-x86-glb.exe |
For Microsoft Office 2010 Service Pack 2 (64-bit editions): convloc2010-kb3085560-fullfile-x64-glb.exe |
|
For Microsoft Excel 2010 Service Pack 2 (32-bit editions): excel2010-kb3085526-fullfile-x86-glb.exe |
|
For Microsoft Excel 2010 Service Pack 2 (64-bit editions): excel2010-kb3085526-fullfile-x64-glb.exe |
|
Installation switches |
|
Restart requirement |
In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.Microsoft Knowledge Base article 887012. To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart, see |
Removal information |
Use Add or Remove Programs item in Control Panel. |
File information |
See Microsoft Knowledge Base article 3085560 See Microsoft Knowledge Base article 3085526 |
Registry key verification |
Not applicable |
Microsoft Office 2013 (all editions)
Reference tableThe following table contains the security update information for this software.
Security update file name |
For supported editions of Microsoft Office 2013 (32-bit editions): conv2013-kb3085572-fullfile-x86-glb.exe |
For supported editions of Microsoft Office 2013 (64-bit editions): conv2013-kb3085572-fullfile-x64-glb.exe |
|
For supported editions of Microsoft Excel 2013 (32-bit editions): excel2013-kb3085502-fullfile-x86-glb.exe |
|
For supported editions of Microsoft Excel 2013 (64-bit editions): excel2013-kb3085502-fullfile-x64-glb.exe |
|
Installation switches |
|
Restart requirement |
In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.Microsoft Knowledge Base article 887012. To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart, see |
Removal information |
Use Add or Remove Programs item in Control Panel. |
File information |
See Microsoft Knowledge Base article 3085572 See Microsoft Knowledge Base article 3085502 |
Registry key verification |
Not applicable |
Microsoft Office 2013 RT (all editions)
Deployment |
The 3085572 update for Microsoft Office 2013 RT is available via Windows Update. |
The 3085502 update for Microsoft Excel 2013 RT is available via Windows Update. |
|
Restart requirement |
In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.Microsoft Knowledge Base article 887012. To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart, see |
Removal information |
Click Control Panel, click System and Security, click Windows Update, and then under See also, click Installed updates and select from the list of updates. |
File information |
See Microsoft Knowledge Base article 3085572 See Microsoft Knowledge Base article 3085502 |
Office for Mac 2011
Prerequisites
-
You must be running Mac OS X version 10.5.8 or a later version on an Intel processor.
-
Mac OS X user accounts must have administrator credentials to install this security update.
-
You must have Office for Mac 2011 14.1.0 or a later version installed on your computer.
Installing the updateDownload and install the appropriate language version of the Microsoft Office for Mac 2011 14.5.5 Update from the Microsoft Download Center. Then, follow these steps:
-
Exit any applications that are running. This includes virus-protection applications and all Microsoft Office applications because they could interfere with the installation.
-
Open the Microsoft Office for Mac 2011 14.5.5 Update volume on your desktop.
Note This step might have been performed for you. -
To start the update process, double-click the Microsoft Office for Mac 2011 14.5.5 Update application in the Microsoft Office for Mac 2011 14.5.5 Update volume window, and then follow the instructions.
-
When the installation is finished, you can remove the update installer from your hard disk. To verify that the installation finished successfully, see the "Verifying update installation" section. To remove the update installer, drag the Microsoft Office for Mac 2011 14.5.5 Update volume to the Trash, and then drag the file that you downloaded to the Trash.
Verifying update installationTo verify that a security update is installed on an affected system, follow these steps:
-
In Finder, locate the Application Folder (Microsoft Office 2011).
-
Select Word, Excel, PowerPoint, or Outlook, and start the application.
-
On the application menu, click About <Application_Name> (where <Application_Name> represents Word, Excel, PowerPoint, or Outlook).
If the Latest Installed Update Version number is 14.5.5, the update was successfully installed.
Restart requirementThis update does not require you to restart your computer.
Removing the updateThis security update cannot be uninstalled.
More informationIf you have technical questions or problems with downloading or using this update, see Microsoft for Mac Support to learn about the support options that are available to you.
Office for Mac 2016
Prerequisites
-
Mac OS X version 10.10 or a later version on an Intel processor.
-
Mac OS X user accounts must have administrator privileges to install this security update.
Installing the updateDownload and install the appropriate language version of the Microsoft Office for Mac 2016 15.14.0 Update from the Microsoft Download Center. Then, follow these steps:
-
Exit any applications that are running, including virus-protection applications and all Microsoft Office applications because they could interfere with the installation.
-
Open the Microsoft Office for Mac 2016 15.14.0 Update volume on your desktop.
Note This step might have been performed for you. -
To start the update process, double-click the Microsoft Office for Mac 2016 15.14.0 Update application in the Microsoft Office for Mac 2016 15.14.0 Update volume window, and then follow the instructions.
-
When the installation is finished, you can remove the update installer from your hard disk. To verify that the installation finished successfully, see the "Verifying update installation" section. To remove the update installer, first drag the Microsoft Office for Mac 2016 15.14.0 Update volume to the Trash, and then drag the file that you downloaded to the Trash.
Verifying update installationTo verify that a security update is installed on an affected system, follow these steps:
-
In Finder, locate the Application Folder (Microsoft Office 2016).
-
Select Word, Excel, PowerPoint, or Outlook, and start the application.
-
On the application menu, click About Application_Name (where Application_Name is Word, Excel, PowerPoint or Outlook).
If the Latest Installed Update Version number is 15.14.0, the update was successfully installed.
Restart requirementThis update does not require you to restart your computer.
Removing the updateThis security update cannot be uninstalled.
More informationIf you have technical questions or problems with downloading or using this update, see Microsoft for Mac Support to learn about the support options that are available to you.
Microsoft Office Web Apps 2013 (all versions)
Reference tableThe following table contains the security update information for this software.
Security update file name |
For all supported editions of Microsoft Office Web Apps Server 2013 Service Pack 1: wacserver2013-kb3085487-fullfile-x64-glb.exe |
Installation switches |
|
Restart requirement |
In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.Microsoft Knowledge Base article 887012. To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart, see |
Removal information |
This security update cannot be removed. |
File Information |
See the file information section |
Registry key verification |
Not applicable |
Microsoft SharePoint Server 2013 and SharePoint Foundation 2013 (all editions)
Reference tableThe following table contains the security update information for this software.
Security update file name |
For supported editions of Microsoft SharePoint Server 2013:: acsrvloc2013-kb3054813-fullfile-x64-glb.exe |
For Excel Services on supported editions of Microsoft SharePoint Server 2013 Service Pack 1: xlsrvloc2013-kb3085483-fullfile-x64-glb.exe |
|
For Microsoft SharePoint Server 2013 and Microsoft SharePoint Foundation 2013: sts2013-kb3085501-fullfile-x64-glb.exe |
|
Installation switches |
|
Restart requirement |
In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.Microsoft Knowledge Base article 887012. To help reduce the chance that a restart will be required, stop all affected services and close all applications that may use the affected files prior to installing the security update. For more information about the reasons why you may be prompted to restart, see |
Removal information |
This security update cannot be removed. |
File information |
See the file information section |
Registry key verification |
Not applicable |
Package Name |
Package Hash SHA 1 |
Package Hash SHA 2 |
---|---|---|
acsrvloc2013-kb3054813-fullfile-x64-glb.exe |
248C8D59FB76079D7DFE9FCA95E2FE2D63659AD1 |
6AA048C82242A1B556AF0D020F84E1517DE5B2D62E54ED6B77B5501F72DC14FD |
conv.exe (x64) |
2CFE91AF909CB672F76FD7A52F26618E4A8B62D4 |
FC45184BFF7DDA46E00F0750B41E96919E1110C3897E9799F29253FD5925DDD6 |
conv.exe (x86 ) |
D0CE53FFAAC18E3D73A6B0F23CEBCB42AFFEAC0A |
D9FB026829456EF371ADB170F87CCCAD6BD1E0A485205031C39E84510A08EB85 |
conv2013-kb3054932-fullfile-x64-glb.exe |
10E4DDFEFD102E3EE727E67A2617652B7470D514 |
76DAA45B7FE6474A54068134D8796B1D37CAF61192D41EA07112D01E33E356AF |
conv2013-kb3054932-fullfile-x86-glb.exe |
32B040476B0578E0FACA30F3D91B6AD213F5CD5F |
B6FA4D966CAF8A55CF428730662492450B1DCAE1EAE21F2071F4E20FB57A3783 |
convloc2007-kb3054987-fullfile-x86-glb.exe |
D27F4442E3646251A96ABD5B1E683E4DAE58B0B7 |
2F98AB638E5266E690BD9ACC3BFB22D84479223AAC192CCA9C1155B6EBE101F1 |
convloc2010-kb3054965-fullfile-x64-glb.exe |
6F8E68B50735027C92D077CED16B549027A563EF |
4602E53369C30D5FA0DE9ECFF86FF4D17B7400932C1FF72EE6E8983FF42FE81A |
convloc2010-kb3054965-fullfile-x86-glb.exe |
E7C07D20CBB2F4C394C2A80D10BF59414570977A |
12BC5070907620812C24CDD23FFF1E9BD3BB59CDE556509458170ACC09D06551 |
excel2007-kb3085543-fullfile-x86-glb.exe |
4A1B9E834728866D52DFEC57C82D6E1E7469083C |
4F7F363B30C341C56577A64F686A6D4E8A39DDAA016FD92A68A2A487D83E6727 |
excel2010-kb3085526-fullfile-x64-glb.exe |
DA8F620BC5A868238ED39EB51B2C3672C82E1B03 |
54D05DDD06C1AE21FC764B60610A7356D11DC4FEED2053CE77D2869513CE17EF |
excel2010-kb3085526-fullfile-x86-glb.exe |
E139E895F90FCF6761436520F2E6E5BFC2DE0A81 |
1363E7A31683FF7B3A76373059B2267781C0C6604C4A25423E49E1A19E1812EB |
excel2013-kb3085502-fullfile-x64-glb.exe |
DB16BFC2B60583C87A4C9B486CCCC32135B94FEC |
817324DB0454C5657B3E281AE9C6D265B8409EAD2444567C1774E46653C79C5C |
excel2013-kb3085502-fullfile-x86-glb.exe |
71182A1A0780F7D497173E8D7217BBFC2121827E |
405BBDE64BDD37F06D7D3AD52EA82EDE2B54A4821361E41D87996C6AC26E02FC |
sts2013-kb3085501-fullfile-x64-glb.exe |
5B1C8C90870787611BCD19399F612A8A16F0BCFA |
74EBC495C7563F8994BFFC74AAAA26E997B5A2222D9A83D24C13C7568B27C190 |
wacserver2013-kb3085487-fullfile-x64-glb.exe |
9690E201811DCE5FF57A051686809695C7E0F603 |
B34E22DB2B920FFF10E7894A1175A981907E3E64378C1EE919F3F92E86A89D34 |
xlconv2007-kb3054993-fullfile-x86-glb.exe |
4D86F51D13BFEB40BA8E4E8E5929C3117F134EB0 |
B7EB3F1F3D50F2CEA2F9CC246DDF2E1F943B881EA5C0EFDF6270A51E90568943 |
xlsrvloc2013-kb3085483-fullfile-x64-glb.exe |
0C6ED0CC16EC90E521E7511041A2453E2E5E27FB |
948945AC9853B906B42CC3F27E59120374BF009BB6E9C8499645017C3187E32F |
xlview2007-kb3054995-fullfile-x86-glb.exe |
6643C2E6AFA2FCB9264F45617EB1FEC24C1CC766 |
E98F6ABB0AFC7770DBD90B1B039255221627447FCFC9DD7FF94C9038825E61A9 |
Help for installing updates: Support for Microsoft Update Security solutions for IT professionals: TechNet Security Troubleshooting and Support Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center Local support according to your country: International Support