Security patch re-released for Excel 2003

Update resolves an Excel calculation error

A calculation-error bug in Microsoft Office Excel 2003, which was acknowledged by Microsoft last Friday, has been resolved with a security update.

Microsoft Security Response Center (MSRC) blogger Tim Rains pointed to an updated security bulletin, MS080-014, dated March 19. The bulletin had originally been issued on March 11 during the Patch Tuesday update cycle, with the aim of addressing four "critical" fixes in Microsoft products, including a remote code execution flaw in Excel 2003.

The initial patch fixed Excel 2003's security problem, but unmasked the calculation problem too.

The revised bulletin MS080-014 points readers to an updated security update 943985 (buried in MS080-014's FAQ), which resolves the Excel 2003 calculation error. The 943985 security update states the following under "Resolution":
    "Microsoft has completed research about this issue and has re-released security update 943985 for users of Microsoft Office Excel 2003 Service Pack 2 and of Microsoft Office Excel 2003 Service Pack 3."

This re-released Excel 2003 security fix also will be offered to users through Microsoft's Automatic Updates.

Rains explained that the Excel calculation error was associated with the use of real-time data in Excel, based on a "user-created Visual Basic for Applications solution." Such a setup returned an incorrect zero result after the initial Excel 2003 security patch had been applied.

The problem tended to affect "on-the-go finance types," according to expert opinion, and affected users tended to have "a custom-built VBA function" in place, Rains said.

This article was originally published March 21 on RedmondMag.com, an affiliate Website of GCN.com.

About the Author

Kurt Mackie is the online news editor for the 1105 Enterprise Computing Group sites, including Redmondmag.com, RCPmag.com and MCPmag.com.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above