We recommend that you install this version for all applications created using Visual Studio 2015, 2017, 2019, or 2022. It also includes the latest C++ standard language and library standards conformance updates.
The latest supported version has the most recently implemented C++ features, security, reliability, and performance improvements. This table lists the latest supported English (en-US) Microsoft Visual C++ Redistributable packages for Visual Studio 2015, 2017, 2019, and 2022. We recommend you use the latest Redistributable available for your version of Visual Studio, with some exceptions noted later in this article.įor details on how to install and redistribute Visual Studio components, see Redistributing Visual C++ Files. The Redistributable version must be at least as recent as the MSVC build toolset used to build your app. The Redistributable package architecture must match your app's target architecture. If your app uses those libraries, a Microsoft Visual C++ Redistributable package must be installed on the target system before you install your app. Many applications built using Microsoft C and C++ tools require these libraries. Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 SP2, OneNote 2010 SP2, PowerPoint 2010 SP2, Project 2010 SP2, Publisher 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Pinyin IME 2010, Access 2013 SP1, Excel 2013 SP1, InfoPath 2013 SP1, OneNote 2013 SP1, PowerPoint 2013 SP1, Project 2013 SP1, Publisher 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, OneNote 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Access 2016, Excel 2016, OneNote 2016, PowerPoint 2016, Project 2016, Publisher 2016, Visio 2016, Word 2016, Skype for Business 2016, and Lync 2013 SP1 allow remote attackers to bypass a sandbox protection mechanism and gain privileges via a crafted web site that is accessed with Internet Explorer, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Microsoft Office Elevation of Privilege Vulnerability.The Visual C++ Redistributable installs Microsoft C and C++ (MSVC) runtime libraries. The security update addresses the vulnerability by correcting how Microsoft Access handles objects in memory. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.
Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.Įxploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Access. An attacker could then install programs view, change, or delete data or create new accounts with full user rights. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. A remote code execution vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory.