XL97: Update Available for Excel 97 SR-2 REGISTER.ID Function Vulnerability (269263)


The information in this article applies to:

  • Microsoft Excel 97 for Windows
This article was previously published under Q269263

SUMMARY

Microsoft has released an update that eliminates a security vulnerability in Microsoft Excel 97. This update, the Microsoft Excel 97 SR-2 REGISTER.ID Function Update, eliminates a security vulnerability that could allow certain types of executables to be run without a warning to the user.

To correct this problem, download and install the latest update for Excel 97. The latest update includes this and all other Excel-specific updates that have been released since the latest service release (SR) of Office. The files included in this update will be included in any later SR or patch. To upgrade to the latest patch or for more information about the history of Excel 97 patches, please click the article number below to view the article in the Microsoft Knowledge Base:

232652 XL97: Overview and History of Excel Patches

To prevent unsafe macros from running, this update disables the REGISTER.ID worksheet function.

The Microsoft Excel 97 SR-2 REGISTER.ID Function Update is designed to update Microsoft Excel 97 Service Release 2 (SR-2).

NOTE: This update includes the Excel 97 and PowerPoint 97 HTML Script Vulnerability Update. If you apply this update you will not need to apply the Excel 97 and PowerPoint 97 HTML Script Vulnerability Update. For additional information about the Excel 97 and PowerPoint 97 HTML Script Vulnerability Update, click the article numbers below to view the articles in the Microsoft Knowledge Base:

269263 XL97: Update Avail for Excel 97 SR-2 REGISTER.ID Vulnerabilty

268477 PPT97: Update Available for HTML Script Vulnerability

MORE INFORMATION

How to Download and Install This Update

  1. Using your Web browser go to the following Web site:

    http://office.microsoft.com/downloads/9798/xl8p10pkg.aspx

  2. Click Download Now! Click Save this program to disk, and then click OK.
  3. Click Save.
  4. In Windows Explorer, double-click the Xl8p7pkg.exe file.
  5. If you are prompted to install the update, click Yes.
  6. Click Yes to accept the License Agreement.
  7. When you receive a message indicating installation was successful, click OK.

How to Run the Update in Quiet Mode

Use the /q switch if you want to run the update in quiet mode. To do this, follow these steps:
  1. On the Windows Start menu, click Run.
  2. In the Open box, type the following command

    location\xl8p7pkg /q

    where location is the complete path to the directory in which you downloaded the file.
  3. Click OK.

How to Update an Administrative Installation of Office

To install this update to an administrative installation point for Office 97, follow these steps:
  1. On the Windows Start menu, click Run.
  2. In the Open box, type the following command

    location\xl8p7pkg /c: "xl8p7.exe /a path\msoffice /i path\msoffice\inf file"

    where location is the complete path to the directory in which you downloaded the file, path is the path to your administrative installation point, and inf file is the name of the .inf file for your version of Office 97. For example, if you need to update Office 97 Professional, the patch is saved to a folder called Downloads on drive C, and your administrative installation point is named Off97 on the computer Appsvr, your command line would look like this:

    C:\Downloads\xl8p10pkg /c: "xl8p10.exe /a \\appsvr\Off97\msoffice /i \\appsvr\Off97\msoffice\off97pro.inf"

    and then click OK
  3. If you are prompted to install the update, click Yes.
  4. Click Yes to accept the license agreement.
  5. When you receive a message indicating installation was successful, click OK.
NOTE: You do not have to take any further action to update computers that are running Excel 97 from the administrative installation point.

How to Determine Whether the Update Has Been Installed

To determine whether the Excel 97 SR-2 REGISTER.ID Function Update has been installed, check the versions of the files. The following table lists the files you should check, their size, and their version numbers: 
   File name      Size         Version   Notes
   -------------------------------------------------------------
   excel.exe      5621248      8.0l      Windows 2000 displays
                                         "8.0.1.7913"
   scanload.dll     36864      8.2j      Windows 2000 displays
                                         "8.2.0.7205"
NOTE: The version number that appears in the About Microsoft Excel dialog box (click About Microsoft Excel on the Help menu) is "Microsoft Excel 97 SR-2 (l)".

To check the version number and file size in Windows Explorer, follow these steps:
  1. On the Windows Start menu, point to Programs, and then click Windows Explorer.
  2. From Windows Explorer, right-click the file and then click Properties on the menu that appears.
  3. Click the Version tab to check the version number. Click the General tab to check the file size.

Files Contained in the Xl8p10pkg.exe Download

If you download Xl8p10pkg.exe and manually extract the files by using a command line similar to the following

C:\Downloads\xl8p10pkg.exe /c /t:C:\xl8p10pkg

the following files will be listed in the C:\xl8p10pkg folder:

xl8p10.exe
readme.txt
excel.exe
scanload.dll

Modification Type:MinorLast Reviewed:8/5/2004
Keywords:kbdownload kbhowto kbpending KB269263
©2004 Microsoft Corporation. All rights reserved.