This article originally appeared in TidBITS on 2017-09-24 at 4:52 p.m.
The permanent URL for this article is:
Include images: Off

Microsoft Office 2016 15.38

by Agen G. N. Schmitz

Microsoft has issued version 15.38 of its Office 2016 [1] application suite, focusing on patching important security issues. The update resolves two memory corruption vulnerabilities in Excel (CVE-2017-8631 [2] and CVE-2017-8632 [3]) that could allow an attacker to use a specially crafted file to access permissions. Microsoft patched these vulnerabilities in version 14.7.7 of Office 2011 too (see “The End of Microsoft Office for Mac 2011 Is Nigh [4],” 23 August 2017). The Office 2016 release also updates the Microsoft AutoUpdate application to version 3.9.3, providing an alert to reinstall Microsoft AutoUpdate if missing or broken components are detected. ($149.99 for one-time purchase, free update through Microsoft AutoUpdate, release notes [5], 10.10+)