[German]With the December 2021 security updates for Microsoft Office, vulnerabilities in the Microsoft Jet Red Database Engine and in the Access Connectivity Engine have been fixed. Subsequently, however, Access databases can only be edited by one person. In the meantime there are first correction updates. Here is a short summary about the current status.
Advertising
Issues with security fix for CVE-2021-42293
CVE-2021-42293 describes a vulnerability in the Microsoft Jet Red Database Engine and in the Access Connectivity Engine. This vulnerability allows elevation of privilege. However, Microsoft rates the exploitability of the vulnerability as low probability. Nevertheless, the company has closed this vulnerability via Windows Update (for Microsoft Office 2013/2016 in the MSI versions) as well as in the Click-2-Run versions via update. Here is the list of C2R updates:
Current Channel: Version 2111 (Build 14701.20248)
Monthly Enterprise Channel: Version 2110 (Build 14527.20340)
Monthly Enterprise Channel: Version 2109 (Build 14430.20380)
Semi-Annual Enterprise Channel (Preview): Version 2108 (Build 14326.20692)
Semi-Annual Enterprise Channel: Version 2102 (Build 13801.21086)
Semi-Annual Enterprise Channel: Version 2008 (Build 13127.21842)
Office 2021 Retail: Version 2111 (Build 14701.20248)
Office 2019 Retail: Version 2111 (Build 14701.20248)
Office 2016 Retail: Version 2111 (Build 14701.20248)
Office LTSC 2021 Volume Licensed: Version 2108 (Build 14332.20204)
Office 2019 Volume Licensed: Version 1808 (Build 10381.20020)
In the blog post Patchday: Microsoft Office December 2021 updates (14.12.2021) causes Access issues I had pointed out that after installing the December 2021 security update a database can only be opened by one user. Then on December 17, 2021, Microsoft confirmed this issue (see my post Microsoft confirms issues in all Access versions after December 2021 Update) in the support posts for KB5002104 (Office 2013) and KB5002099 (Office 2016):
After this update is installed, databases that are stored on a network share can't be accessed by multiple users simultaneously. Microsoft is aware of this issue and will update this KB when a fix is available.
The issue is also discussed on Microsoft Answers in this forum thread.
Microsoft releases fixes
Microsoft has started rolling out fix updates automatically since admitting the problem with Access. Here is a rough overview of the fix updates (hot fixes):
Advertising
From the Access developers, there is this KB article that lists the fixes for the respective Click-2-Run builds:
- Current Channel Version 2111, build 14701.20262
- Current Channel (Preview) Version 2112, build 14729.20170
- Monthly Enterprise Channel Version 2110, build 14527.20344
- Semi-Annual Enterprise Channel (Preview) Version 2108, build 14326.20702
- Semi-Annual Enterprise Channel Version 2102, build 13801.21092
- Semi-Annual Enterprise Channel Version 2008, build 13127.21846
- Monthly Enterprise Channel Extended, Version 2109, build 14430.20386
- Office LTSC 2019 Version 1808, build 10382.20010
- Office 2016 C2R, Office 2019 Consumer, Office 2021 Consumer, Version 2111, build 14701.20262
All updates should be distributed automatically. However, I cannot judge whether the updates help – German blog reader Simon complains in this comment that the problem has not been fixed. I found a similar hint in this blog post.
Similar articles:
Microsoft Office Patchday (December 7, 2021)
Patchday: Microsoft Office December 2021 updates (14.12.2021) causes Access issues
Microsoft confirms issues in all Access versions after December 2021 Update
Access Lock Bug: Where the December 2021 Fixes Fail
