Microsoft Security Update &
Impact to your SAP BPC System

Our technical services team wishes to bring BPC users' attention to an urgent issue that is likely to impact every BPC v10 system.  We have been helping our support customers to resolve the issue, but as it seems likely to impact all BPC users, we wanted to make all contacts aware of the issue.

This new issue, in which BPC edit report and other report options become unavailable may show suddenly that BPC reports won’t work, or options in Excel become unavailable. This will affect every of BPC 10 / 10.1 NetWeaver and Microsoft systems customer at some point.  We are providing this information so you can be ready when it happens.

The easiest way to fix it is remove the Update from Add / Remove Programs, or Programs and Features depending on the Operating System version.

• MS14-081: Security update for Microsoft Office 2010 (2899518)
• MS14-081: Security update for Microsoft Word 2010 (2899519)
• MS14-082: Security update for Microsoft Office 2007 (2596927)
• MS14-082: Security update for Microsoft Office 2010 (2553154)
• MS14-082: Security Update for Microsoft Office 2013 (2726958)
• MS14-083: Security update for Microsoft Excel 2007  (2984942)
• MS14-083: Security update for Microsoft Excel 2010 (2910902)
• MS14-083: Security update for Microsoft Excel 2013  (2910929)

Remove the update on a Windows 7 machine - http://windows.microsoft.com/en-ca/windows/remove-update#1TC=windows-7

SAP Note – 2109314 and 2107965

OR

Symptom

After installing Microsoft updates, the following issues are encountered in the EPM Add-in client:

• 'Edit Report' is greyed out
• Context Options are greyed out
• EPM Pane shows no connection for current report
• Refreshing the report has no effect

Environment

• SAP Business Planning and Consolidation 10, version for NetWeaver
• SAP Business Planning and Consolidation 10.1, version for NetWeaver
• SAP Business Planning and Consolidation 10, version for Microsoft
• SAP Business Planning and Consolidation 10.1, version for Microsoft
• SAP Financial Consolidation (FC) 10.0
• EPM Add-In 10.0 for Microsoft Office
• Microsoft Excel 2007
• Microsoft Excel 2010
• Microsoft Excel 2013

Cause

• One or several of these Microsoft security updates have been installed on the client machines where the issues are reproduced:
• This issue appears to be an unintended side-effect of the security notes disabling ActiveX controls.
• The issue is not specific to SAP products and is potentially affecting any application using ActiveX controls.

Resolution

Option 1:

To resolve this issue, please install the following updates depending on your Office version:

• March 10, 2015 update for Office 2013 (KB2920754)
• March 10, 2015 update for Office 2010 (KB2920813)
• March 10, 2015 update for Office 2007 (KB2920794)

Option 2:

• Microsoft has confirmed this issue in KB 3025036 and has also provided an automatic fix located at: Microsoft Fix it 51029
• The recommended solution as per Microsoft KB 3025036 is to delete all "MSForms.exd" files (the automatic fix 51029 documented in the resolution for symptom 1 of KB 3025036 deletes these files automatically)
• To resolve the issue, delete the cached versions of the control type libraries (extender files / *.EXD) on the client computer.

• Microsoft has confirmed this issue in KB 3025036 and has also provided an automatic fix located at: Microsoft Fix it 51029
• The recommended solution as per Microsoft KB 3025036 is to delete all "MSForms.exd" files (the automatic fix 51029 documented in the resolution for symptom 1 of KB 3025036 deletes these files automatically)
• To resolve the issue, delete the cached versions of the control type libraries (extender files / *.EXD) on the client computer.
• Search the computer file system for files that have the ".exd" file-name extension, and delete all the MSForms.exd files that you find. To do this, follow these steps:

1. In Windows Explorer, open the %TEMP% folder, and then search for "MSForms.exd" in all subfolders.
2. Delete all instances in which that file is found. This includes all subfolders.

Depending on the specific applications installed on your desktop, you may find the *.exd files in a variety of sub-folders, such as:

• C:\Users\[user.name]\AppData\Local\Temp\Excel8.0\MSForms.exd
• C:\Users\[user.name]\AppData\Local\Temp\VBE\MSForms.exd
• C:\Users\[user.name]\AppData\Local\Temp\Word8.0\MSForms.exd
• C:\Users\[user.name]\AppData\Local\Temp\2\Excel8.0\MSForms.exd

Note 1: The .exd files will be re-created automatically when you use the new controls the next time that you use VBA. These extender files will be under the user's profile and may also be in other locations, such as the following folders:

• %appdata%\microsoft\forms
• %temp%\excel8.0
• %temp%\word8.0
• %temp%\PPT11.0
• %temp%\vbe

Note 2: Further errors could occur if you have Visual Basic for Applications (VBA) macros attached to your Excel files and if end-users do not have Administrative rights to their own computer.
The solution to this issue is to have a user with administrator rights log into the client’s machine and run the report / VBA code once to register the EXD files.
End-users can successfully run subsequent reports after this step is completed.

If this does not resolve the issue you may need to uninstall the problematic security updates using the following Microsoft How to Guide: Remove an update. Note that depending on the specific configuration and version of Microsoft Office you have installed, any of the following updates may need to be uninstalled.

• MS14-081: Security update for Microsoft Office 2010 (2899518)
• MS14-081: Security update for Microsoft Word 2010 (2899519)
• MS14-082: Security update for Microsoft Office 2007 (2596927)
• MS14-082: Security update for Microsoft Office 2010 (2553154)
• MS14-082: Security Update for Microsoft Office 2013 (2726958)
• MS14-083: Security update for Microsoft Excel 2007  (2984942)
• MS14-083: Security update for Microsoft Excel 2010 (2910902)
• MS14-083: Security update for Microsoft Excel 2013  (2910929)