Overview of the Excel 97 Security Patch: November 11, 2003 (830356)

SUMMARY

Microsoft has released a patch to Microsoft Excel 97 for Windows. This patch fixes a vulnerability under certain scenarios where an Excel file can be modified in such a way that a macro that includes Microsoft Excel 4.0 Macro Language (XLM) commands can run with no macro security warning issued. Additionally, other similar issues are fixed as described later in this article.

This article describes how to download and install the Microsoft Excel 97 Security Patch: KB830356.

back to the top

Issues That Are Fixed in the Excel 97 Security Patch: KB830356

The following issues are fixed in this patch package but were not previously documented in a Microsoft Knowledge Base article:

• A Macro security warning may appear when a workbook does not contain macros.
• A Macro security warning does not appear when the macro runs.
• Macros in a workbook run automatically when workbooks are opened through a hyperlink on a drawing share.
• Embedded macros can be executed and can bypass the macro security.
• Change in binary file can bypass macro controls.

Macro Security Warning May Appear When a Workbook Does Not Contain Macros

When you open a workbook in Excel 97, you may receive the macro security warning when the workbook does not contain macros.


The following issue is also fixed in the English, Korean (KOR), Japanese (JPN), Chinese simplified (CHS), Chinese traditional (CHT), and Chinese Pan (CHP) versions of this patch.

Macro Security Warning Does Not Appear When the Macro Runs

When you open a workbook in Excel 97, macro code may run with no macro security warning.




The following issues are also fixed in the non-English version of this patch.

Macros in a Workbook Run Automatically When Workbooks Are Opened Through a Hyperlink on a Drawing Share

A Microsoft Excel macro execution vulnerability that relates to how macros are handled in workbooks when those workbooks are opened through a hyperlink on a drawing shape. Macros in a workbook that is opened this way can run automatically.

This issue was previously documented in the following Microsoft Knowledge Base article:

Embedded Macros Can Be Executed and Can Bypass the Macro Security

An Excel macro execution vulnerability that relates to how inline macros that are associated with objects are handled. Because of this vulnerability, macros can be executed and can bypass the Macro Security Model when the user clicks on an object in a workbook.

This issue was previously documented in the following Microsoft Knowledge Base article:

Change in Binary File Can Bypass Macro Controls

An Excel workbook stream can be altered in such a way that the macros in the file run without prompting a macro warning or being stopped by macro controls.

This issue was previously documented in the following Microsoft Knowledge Base article:



back to the top

Install the Excel 97 Security Patch: KB830356

Note If you have previously installed the Excel 97 Hotfix that is documented in Knowledge Base article 300953, this patch will not install properly. In this case, you must manually extract the Excel.exe file from this patch and then replace the Excel.exe file on your computer with this one.

The following file is available for download from the Microsoft Download Center:

Download the Excel 97 Security Patch: KB830356 package now.

Release Date: November 11, 2003

For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base: Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.
To download and install the security patch, follow these steps:

1. Click Save to save the Office97-KB830356-ENU.exe file to the selected folder.
2. In Microsoft Windows Explorer, double-click Office97-KB830356-ENU.exe.
3. If you are prompted to install the patch, click Yes.
4. Click Yes to accept the License Agreement.
5. Insert your Microsoft Office 97 CD-ROM when you are prompted to do so, and then click OK.
6. When you receive a message that indicates that the installation was successful, click OK.

Note After you install the patch, you cannot remove it. To revert to an installation before the patch was installed, you must remove Office 97, and then install it again from the original CD-ROM.

back to the top

How to Determine If the Patch Is Installed

The patch contains updated versions of the following files:

English, Korean (KOR), Japanese (JPN), Chinese simplified (CHS), Chinese traditional (CHT), and Chinese Pan (CHP) Patch Versions

   File name      Version
   -------------------------
   Excel.exe      8.0.1.9904
   Scanload.dll   8.2.0.9904

Arabic (ARA), and Hebrew (HBR) Patch Versions

   File name      Version
   -------------------------
   Excel.exe      8.0.0.4003
   Scanload.dll   8.2.0.9904

Thai (THA) Patch Version

   File name      Version
   -------------------------
   Excel.exe      8.0.0.4316
   Scanload.dll   8.2.0.9904

To determine the version of Microsoft Excel that is installed on your computer, follow these steps.

Note Because there are several versions of Microsoft Windows, the following steps may be different on your computer. If they are, see your product documentation to complete these steps.

1. Click Start, and then click Search.
2. In the Search Results pane, click All files and folders under Search Companion.
3. In the All or part of the file name box, type Excel.exe, and then click Search.
4. In the list of files, right-click the Excel.exe file, and then click Properties.
5. On the Version tab, determine the version of Excel that is installed on your computer.

Note If the Excel 97 Security Patch: KB830356 is already installed on your computer, you receive the following error message when you try to install the Excel 97 Security Patch: KB830356:back to the top