Jump to content

Equation Editor deemed unfixable and purged by Microsoft, remove it from Office 2000/XP/2003/etc. ASAP


mixit

Recommended Posts

With the latest patches out this Tuesday, Microsoft has completely removed Equation Editor from all still supported Office versions, so it's a very good idea to also remove it from older Office versions ASAP. I'm guessing this drastic measure has to do with the fact that Microsoft doesn't seem to have the source code for this bundled third-party application, and since it's been under ongoing attack even after the previous binary patch was issued for it, they decided that continuing to patch the binary just wasn't feasible.

If your version of Office is still supported, simply apply the latest patches from Microsoft Update (see the CVE link below for manual downloads).

For older versions like Office 2000/XP/2003, you can either remove this feature with the Office installer and mark it unavailable (as described below in the If you don't use Equation Editor section), or simply replace the existing EQNEDT32.EXE with a 0-size empty file still called EQNEDT32.EXE (this appears to be what the patches for newer Office versions do).

See the following links for more details and Microsoft's suggestions for replacements of Equation Editor functionality.

https://support.microsoft.com/en-us/help/4057882/error-when-editing-an-equation-in-office
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0802

This post used to be titled HOWTO: Install Office 2007 Equation Editor security update (KB4011604. aka KB4011276) on Office 2000/XP/2003 and had the following contents:

A remote code execution vulnerability was patched this month in Equation Editor, an Office component (CVE-2017-11882 | Microsoft Office Memory Corruption Vulnerability, Description of the security update for 2007 Microsoft Office Suite: November 28, 2017).

Official patches are available only for Office 2007 and higher, but since it's a standalone component that hasn't changed since the year 2000, and Microsoft has simply applied a binary patch to the executable and resigned it, you can also use this patch with Office 2000, XP and 2003.

NOTE: KB4011604 was initially released as KB4011276 for English and Chinese only. If you've already installed KB4011276, you don't need to install KB4011604, the Equation Editor payloads are byte-for-byte identical. If you prefer a statement from Microsoft (from the CVE link above): "Customers who have already installed the previously-released updates (4011276 or 2553204) do not need to take any further action."

If you don't use Equation Editor, instead of updating it, you might want to remove it from your computer altogether. (Even if you don't have it installed right now, since it defaults to Installed on First Use, it's a good idea to explicitly deselect it in the Office installer.)

  • Go to Control Panel > Add or Remove Programs, locate your Office 2000/XP/2003 installer and choose the Change option, then pick Add or Remove Features when the installer launces.
  • Find Equation Editor in the component tree. The exact location may differ depending on your Office version, in my case (Office XP) it was under Office Tools. To disable its installation, or remove it from your computer if already installed, mark it as Not Available and complete the update. You should no longer have an Equation folder under (typically) C:\Program Files\Common Files\Microsoft Shared.

If you do use Equation Editor, you'll have to update it manually. (Trying to run the installer, it'll just tell you that you don't have an applicable product installed.) To do this, you'll be needing 7-zip (or a similarly versatile unpacker).

  • Get the patch either as an EXE installer from the Download Center (English; other languages direct links by @Bersaglio) or a CAB file from WU/Catalog (English)    .
  • Right-click on the downloaded file and choose to open it with 7-zip.
  • (EXE only) Select [0], right-click, Open Inside.
  • Select eqnedt32-[your-language].msp (e.g. eqnedt32-en-us.msp), right-click, Open Inside.
  • Select PATCH_CAB, right-click, Open Inside.
  • Extract EQNEDT32.EXE_[numeric language code] (e.g. EQNEDT32.EXE_1033) to a location of your choice and remove the numeric part from the file name, leaving you with EQNEDT32.EXE.
  • Copy this file to your Equation Editor folder, (typically) at C:\Program Files\Common Files\Microsoft Shared\Equation, replacing the old EQNEDT32.EXE in there. (If you like, you can make a copy of the old version, but you can always restore it later by re-running the Office installer.)
  • To make sure everything is kosher now, check EQNEDT32.EXE properties. The version should show 2017.8.14.0.
  • (Note that if you use the Office installer in the future to change installed components or repair your installation, it may put back the old EQNEDT32.EXE and you'll have to manually replace it again.)

 

Edited by mixit
Link to comment
Share on other sites


mixit - thanks for info. 

Q - on the thread for XP POS, there are recent links for updating the 2007 Compatibility Pack for Office 2003 on our XP machines.  Should I also run those on my wife's Win 7 64-bit machine on which we still have Office 2003 with the Compatibility Pack?

Edited by glnz
Link to comment
Share on other sites

If you have the same Compatibility Pack installed, you can and should apply the same updates on both machines. The system may be 64-bit but Office and the Compatibility Pack would still be 32-bit. Also, what @dencorso already told you:

 

Link to comment
Share on other sites

Edited the topic to reflect the switch to KB4011604 (thanks for the heads up, @Bersaglio :)). FYI, for some reason the KB4011604 Download Center landing page sometimes gives a "no longer available" message, hopefully the direct EXE links are more stable. If you're a more of a Catalog person, I'm sure you'll appreciate the fact that MS has posted all language versions separately, with no indication which is which, so you basically have to click on each download button until you find the right language...:rolleyes:

Link to comment
Share on other sites

With the latest patches out this Tuesday, Microsoft has completely removed Equation Editor from all still supported Office versions, so it's a very good idea to also remove it from older Office versions ASAP. See the updated opening post for details.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...