Outlook for Microsoft 365 Apps Feature Update for September 2023

News

Microsoft has released the September 2023 feature update of Outlook for Microsoft 365 Apps in the Current Channel.

It’s a bit of small release for Outlook this times as it only contains 2 documented fixes;

  • We fixed an issue where the setting to control how Outlook opens previous items at start-up was missing from the Options window.
  • We fixed an issue that caused Outlook to exit unexpectedly when searching a shared or delegated mailbox.

But we can always rely on the Excel Team to with something exciting in those cases. This time there is a nice new feature which definitely reduces some annoyances;

  • Control your data conversions
    You’ve been asking for more control over how Excel automatically converts your data to specific formats. We delivered! You now have the ability to disable specific types of automatic data conversions; this way, you won’t need to worry about Excel converting your data to a format that you didn’t want and weren’t expecting.

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook or the Microsoft Store and updates Outlook to: Version 2309 (Build 16827.20130).


MAPILab
Use "4PM76A8" to get a discount when ordering!

Outlook 365 / 2021 / 2019 / 2016 Update for September 2023

News

The September security and rollup update has been made available for all Click-to-Run installations of Outlook 2016, Outlook 2019, Outlook 2021 and Outlook as part of a Microsoft 365 subscription.

It contains 8 security updates for Excel (1), Outlook (1), Word (2), and Office (4). The details about the Outlook vulnerability can be found below;

  • CVE-2023-36763: Microsoft Outlook Information Disclosure Vulnerability
    • This vulnerability is currently not publicly disclosed nor exploited.
    • Exploitation of the vulnerability requires no user interaction and could allow the disclosure of credentials.
    • The Preview Pane is not an attack vector.
    • The Exploitability Assessment is rated: Exploitation Less Likely.

In addition, it contains 4 non-security fixes related to Outlook Current Channel Version 2308, 8 fixes related to Outlook Monthly Enterprise Version 2307, 4 fixes related to Outlook Semi-Annual Version 2302, and 1 fix related to Outlook Semi-Annual Version 2208. Most notable fixes are;

  • Version 2308
    • We fixed an issue where an out-of-memory error would appear when sending email after seeing the WaitOnSend dialog pop up.
    • We fixed an issue where the External Sender tag was not showing.
    • We fixed an issue that caused Outlook to close unexpectedly when viewing an email.
    • We fixed an issue that caused Outlook to close unexpectedly in some search scenarios.
  • Version 2307
    • We fixed an issue that caused the incorrect working hours to be displayed on shared-in calendars.
    • We fixed an issue that caused the application to close unexpectedly when clicking on non-HTTP links.
    • We fixed an issue that caused users to receive errors about having too many Actionable Messages open more frequently than expected.
    • We fixed an issue where Outlook would prompt the user to save changes to a meeting when no changes were made.
  • Version 2302
    • We fixed an issue that caused users to receive a Non-Delivery Report (NDR) when overriding the oversharing policy notification or reporting it as a false positive.
    • We fixed an issue that caused Outlook to fail to display PolicyTips in Outlook sessions that were launched with no internet connection.
    • We fixed an issue that caused Outlook to close unexpectedly when viewing an email.
  • Version 2302 and Version 2208
    • We fixed an issue that caused some users of Outlook to see a “Retrieving templates from server” dialog for a very long time when clicking on the “From” field in an email message.

Version 2308 has now also been released to the Semi-Annual Enterprise Channel (Preview) and contains 7 highlighted new features and over 37 fixes related to Outlook, which have been made available already to the Current release channel too. The new features are;

  • Get relevant alerts with new Notifications pane
    Don’t let important information get buried in your inbox. The new Notifications pane in Outlook delivers notifications that are relevant to you in the context of your regular email. The pane gives you the ability to customize the types of notifications you wish to receive, including email and document @mentions, travel updates, deliveries, and more.
  • Org Explorer
    Visualize and explore your company’s internal structure, work teams, and individual roles.
  • Assign a sublabel as the default when a parent label is selected
    When using built-in sensitivity labels in Microsoft 365 Apps, admins can specify a sublabel to get applied automatically when a parent label is selected. This takes effect only when users select a parent label manually.
  • Accessibility Ribbon in Outlook for Windows
    The Accessibility Ribbon brings together in one place all the tools you need to make your emails accessible.
  • We added a registry key that hides the “Try the new Outlook” toggle
    To learn more about the new Outlook for Windows, please click here. For additional information on managing mailbox access to the new Outlook for Windows, please click here.
    • Key: HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options\General
    • Value type: REG_DWORD
    • Value name: HideNewOutlookToggle
    • Possible values;
      • 0 (default) – “Try the new Outlook” toggle, if available in selected update channel, is displayed to users
      • 1 – “Try the new Outlook” toggle is hidden
  • Inheritance of attachment labels to email messages
    For email messages with attachments, apply a label that matches the highest classification of those attachments.
  • Block emails with sensitive labels
    Implement pop-up messages in Outlook that warn, justify, or block emails being sent based on sensitivity labels.

Based on your release channel, you’ll be updated to the following version;

  • Microsoft 365 Apps, Outlook 2016 Retail, Outlook 2019 Retail, Outlook 2021 Retail
    Version 2308 (Build 16731.20234)
  • Monthly Enterprise
    Version 2307 (Build 16626.20208)
    Version 2306 (Build 16529.20254)
  • Semi-Annual Enterprise (Preview)
    Version 2308 (Build 16731.20234)
  • Semi-Annual Enterprise
    Version 2302 (Build 16130.20766)
    Version 2208 (Build 15601.20772) 
  • Outlook LTSC 2021
    Version 2108 (Build 14332.20565)
  • Outlook 2019 Volume Licensed
    Version 1808 (Build 10402.20023)

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook itself or the Microsoft Store. This update does not apply to msi-based installations of Office 2016.


Outlook 2016 (MSI) Security Update for September 2023

News

A Security Update has been released for Outlook 2016. It resolves the following vulnerability;

  • CVE-2023-36763: Microsoft Outlook Information Disclosure Vulnerability
    • This vulnerability is currently not publicly disclosed nor exploited.
    • Exploitation of the vulnerability requires no user interaction and could allow the disclosure of credentials.
    • The Preview Pane is not an attack vector.
    • The Exploitability Assessment is rated: Exploitation Less Likely.

View: Download information for KB5002499

Note: This update can be installed via Microsoft Update and updates Outlook to version 16.0.5413.1000. This update does not apply to Perpetual (Retail) and Microsoft 365 based installations of Office 2016.


Exchange 2019 and 2016 Security Updates for August 2023

News

Security updates have been released for Exchange 2016 and Exchange 2019. There is no security update for Exchange 2013 as support ended on April 11, 2023.

The updates fix the following vulnerabilities;

  • CVE-2023-21709: Microsoft Exchange Server Elevation of Privilege Vulnerability
  • CVE-2023-35368: Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2023-35388: Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2023-36744: Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2023-36745: Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2023-36756: Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2023-36757: Microsoft Exchange Spoofing Vulnerability
  • CVE-2023-36777: Microsoft Exchange Server Information Disclosure Vulnerability
  • CVE-2023-38181: Microsoft Exchange Server Spoofing Vulnerability
  • CVE-2023-38182: Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2023-38185: Microsoft Exchange Server Remote Code Execution Vulnerability

None of the vulnerabilities are currently publicly disclosed nor exploited. However, 2 of them are rated as “Exploitation More Likely” so make sure you update as soon as possible!

Additionally, to properly address vulnerability CVE-2023-21709, you must run a script or an additional PowerShell command as discussed in the referenced article.

The updates also contain the following new feature and non-security issues;

View: Exchange Blog: Released: August 2023 Exchange Server Security Updates
View: Exchange Blog: September 2023 release of new Exchange Server CVEs (resolved by August 2023 Security Updates)
View: Description of version 2 of the security update for Microsoft Exchange Server 2019 and 2016: August 15, 2023 (KB5030524) 

Download: Security Update V2 for Exchange 2019 CU12 and CU13
Download: Security Update V2 for Exchange 2016 CU23.


Outlook 2013 Security Update for August 2023

News

A Security Update has been released for Outlook 2013. It resolves the following vulnerability;

  • CVE-2023-36893: Microsoft Outlook Spoofing Vulnerability
    • This vulnerability is currently not publicly disclosed nor exploited.
    • Exploitation of the vulnerability requires that a user with an affected version of Outlook opens a malicious meeting or appointment invite from the attacker.
    • The Preview Pane is not an attack vector.
    • The Exploitability Assessment is rated: Exploitation Less Likely.

View: Download information for KB5002449

Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 2013 Click-To-Run and updates Outlook to version 15.0.5579.1000.


Exchange 2019 CU13

News

Cumulative Update 13 for Exchange 2019 is now available. With the new release model, it is officially called; The 2023 H1 Cumulative Update (CU) for Exchange Server 2019.

Exchange 2019 CU13 includes the following major changes;

  • Enable Modern Auth for pure On-Premises Exchange users
    Support for OAuth 2.0 (also known as Modern authentication) for pure on-premises environments that use Active Directory Federated Services (AD FS) as a security token service (STS).
    To use this feature, you must be using Microsoft Outlook or any other client that supports Modern authentication by using AD FS. Currently, this feature is available only for Outlook on Windows. However, support for modern authentication will be added to other Outlook clients in the future.
    For details see; Enable Modern Auth in Exchange Server on-premises.
  • Configuration backup and restore
    Setup now backs up the most common configuration settings and then restores them to the state they were in before Setup was started. Starting with the 2023 H1 CU, Setup preserves about 70 different configuration settings across multiple files.
    For details see; Exchange Server custom configuration preservation

There are 28 additional fixes documented for this release. A few notable ones are;

  • KB5026273: Outlook configuration fails in Android or iOS
  • KB5026156: Outlook search fails in a shared On-Premises mailbox if the primary user mailbox is migrated to Exchange Online
  • KB5026267: OWA stops responding in an Exchange 2019 and 2016 coexistence topology
  • KB5026278: Mailbox migration fails after Extended Protection is enabled
  • KB5026138: Users receive reminders although the meeting reminder is set to None
  • KB5026139: You can’t move the public folder mailbox

This release does not include new updates to the Active Directory Schema for Exchange 2019.

The next planned Cumulative Update for Exchange 2019 is in September 2023.

Exchange 2019: CU13 KB5020999Download
View: Blog post of the Exchange Team about CU13 for Exchange Server 2019

Note: Exchange 2016 has reached its Extended Support phase and CU23 was the last CU for it. This means that from now on, it will only receive Security Updates.


Partial word, string or wildcard search in Outlook

Search buttonOutlook’s indexed search is fast as long as you know the exact beginning of the word or string that you are looking for.

If you want to search for only a part of a word, like the middle or ending, you’ll have to use the much more cumbersome Advanced Find.

For instance, when searching for “write”, Outlook’s indexed search will only find messages containing “write” but Advanced Find will also find “rewrite”.

A similar situation exists when searching for product codes or reference numbers were people could leave out prefixes, spaces or dashes.

Or what about names?
Katerina or Caterina? Kristian or Christian?

With an Advanced Find macro we can make these type of searches quick and easy again.

Continue reading: Partial word, string or wildcard search in Outlook


Windows 11 (2022) and Outlook; An easy upgrade?

Windows 11 buttonThinking about upgrading your computer to Windows 11 or are you using Outlook on a Windows 11 computer already and are being offered the next major Windows 11 update?

There are a couple of things to be aware of when you heavily rely on Outlook.

The upgrade process from Windows 10 is actually quite streamlined and trouble free for most configurations; It is almost like applying a major update to Windows 10. Of course, things are even easier when you are already on Windows 11. However, there are still a couple of attention points to go through before you start and afterwards.

This guide contains not only upgrade preparation and troubleshooting steps but also various tips about the changes that you could encounter involving Outlook after upgrading to Windows 11.

Continue reading: Windows 11 (2022) and Outlook; An easy upgrade?


Reply and keep original attachments

Reply with Attachments buttonWhen you reply to an email in Outlook, the original emails are not included. This is because it is assumed that the original sender still has access to the original attachments.

There are however various valid scenarios in which it makes sense to keep the attachments. A common scenario which would benefit from this, is in longer mail threads where Reply All is used and where new people are being added.

Although there are various workarounds available, having this option integrated in Outlook is more efficient.

Continue reading: Reply and keep original attachments


Check sending account address before sending email

Select Sending Account buttonNowadays, it is quite likely that you have multiple email accounts configured in Outlook.

Especially when working from home, you don’t want to end up sending your business emails via your private account or vice versa.

Also, when you have access to a Shared Mailbox or are a delegate for the mailbox of a colleague, you could find yourself inadvertently send from these mailboxes or forget to select it when needed.

By adding this simple VBA macro to Outlook, you can prevent sending emails from the wrong email address.

Continue reading: Check sending account address before sending email


Add Teams, Skype, Zoom and other chat, call or meet now links to your signature

Chat & Meet in SignatureCommon signatures include a greeting, your name, your company name and possibly a website address and a phone number.

Since nowadays people contact each other a lot more via online meeting tools such as Teams, Skype and Zoom, you can also add special links which will allow the receiver to directly contact you via one of those methods as well.

With the use of recognizable icons, you can easily include these references without making your signature look huge.

This guide starts off with an example of a signature which is small but contains several instant communication links as well. After that, an overview is given of the instant communication links that can be used with commonly used IM and video conferencing clients.

Continue reading: Add Teams, Skype, Zoom and other chat, call or meet now links to your signature


Edit the HTML source code while composing a message in Outlook

Edit HTML Code buttonWhen composing a message in the HTML format in Outlook, the HTML code is automatically generated by the WordHTML engine. Unfortunately, Outlook does not provide a direct way of editing this generated HTML code.

With the EditHTML macro from this guide you can edit or completely replace the HTML of a message you are composing. This makes it much easier to make specific modifications or use the HTML code that you’ve created in another HTML editor.

This way you can make sure that your carefully created design, like for a newsletter, isn’t being modified again by WordHTML and remains compatible with other mail clients.

Continue reading: Edit the HTML source code while composing a message in Outlook


Schedule a recurring email with Outlook and PowerShell

Recurring Email buttonDo you need to send the same emails on a recurring basis like daily, weekly or monthly? Sending out reminders, forwarding reports or the latest offers and prices can be a tedious task.

Outlook doesn’t natively have this feature but with some PowerShell code or add-in, it can be done quite easily .

The PowerShell code in this guide allows you to send an email template, that you’ve created in Outlook. Optionally, it can look for a specific file to attach at the moment of sending to make sure you are always sending the latest version of the file. This guide contains step-by-step instructions to fully automate this process via the Windows Task Scheduler.

Scripts aren’t your thing? We’ve got you covered with some recommended 3rd party add-ins that can bring this functionality to Outlook as well.

Continue reading: Schedule a recurring email with Outlook and PowerShell


S/MIME support for Outlook on the Web (OWA) in Google Chrome or Microsoft Edge

S/MIME buttonS/MIME support for Outlook on the Web (OWA) used to be only available in Internet Explorer but it is now also possible to add this to Google Chrome and the new Microsoft Edge browser.

However, adding the required extension isn’t (currently) possible via the traditional means of using the Chrome Web Store or the Microsoft Edge Addons page.

This guide explains how you can manually install or deploy the Microsoft S/MIME Control for Outlook on the web.

Continue reading: S/MIME support for Outlook on the Web (OWA) in Google Chrome or Microsoft Edge


Executing PowerShell Scripts FAQ and Tips & Tricks

PowerShell Script buttonThere are several guides containing PowerShell scripts on HowTo-Outlook.com. PowerShell is a powerful scripting language which can be used by many applications including Outlook and Exchange. For end-user usage, it can be seen as the successor of vbs and batch scripts.

PowerShell scripts are easy to use but there are a couple of things to be aware of, especially when it is the first time you use such scripts.

This guide contains frequently asked questions regarding the use of PowerShell scripts and some additional tips and tricks to get you started.

Continue reading: Executing PowerShell Scripts FAQ and Tips & Tricks


Importing eml-files into Outlook

Import EML buttonIf you’ve ever used Outlook Express, Windows (Live) Mail, Thunderbird, Lotus/IBM Notes or basically any mail client other then Outlook, chances are that you have some eml-files stored somewhere as well.

While Outlook does support opening eml-files, it doesn’t offer a way to import them into Outlook.

This guides contains instructions and 2 scripts to import eml-files into an Outlook folder of your choice.

Continue reading: Importing eml-files into Outlook


Autodiscover: Some quick methods to get it working

Autodiscover.xml buttonThe Autodiscover service is a required service for Outlook-Exchange connectivity since Outlook 2007 and Exchange 2007 but for whatever reason, in some Exchange environments this still hasn’t been implemented correctly.

In some part, this was due to the fact that you could still get basic Outlook-Exchange connectivity by using some legacy Exchange 2003 RPC over HTTP dialog in Outlook. This (unsupported) method now no longer works in Outlook 2016, Outlook 2019 and Outlook for Office 365 due to the removal of this legacy dialog since Outlook doesn’t support Exchange 2003 anymore since Outlook 2013.

Unfortunately, this leaves up-to-date Outlook users disconnected when Autodiscover hasn’t been provisioned correctly by your company.

This guide contains some reasonably quick and easy and some less elegant methods for end-users but also for Exchange administrators to get your Outlook connected to Exchange again. All discussed solutions are fully supported configurations by Microsoft and do not require any changes to Exchange or the need for a new SSL Certificate.

Continue reading: Autodiscover: Some quick methods to get it working


Windows 10 (22H2 / October 2022 Update or earlier) and Outlook

Windows 10 buttonThinking about upgrading your computer to Windows 10 or are you using Outlook on a Windows 10 computer already and are being offered a major Windows 10 update?

What should you be aware of when you heavily rely on Outlook?

The upgrade process from Windows 7 and Windows 8 is actually quite streamlined and trouble free for most configurations. Things are even easier when applying a major update to Windows 10. However, for either upgrade, there are still a couple of attention points before you start.

This guide contains not only upgrade preparation and troubleshooting steps but also various tips about the changes that you could encounter involving Outlook after upgrading to Windows 10.

Continue reading: Windows 10 (22H2 / October 2022 Update or earlier) and Outlook


Outlook can’t connect to Gmail: Password incorrect

Gmail buttonWhen configuring your Gmail account in Outlook (or other mail clients such as Thunderbird and Mail apps on (older) smartphones), you may run into continuous password prompts or sync errors.

This is because Google has turned off Basic Authentication (which they refer to as Less Secure App Access) for all accounts since May 30, 2022. It now only lets you authenticate via the OAuth 2.0 standard.

As a result, you’ll get Send/Receive errors (0x800CCC0E) and could get prompted for your Gmail password again in Outlook and the login could fail even when you supply the correct password.

Continue reading: Outlook can’t connect to Gmail: Password incorrect


Outlook for Microsoft 365 Apps Feature Update for August 2023

News

Microsoft has released the July 2023 feature update of Outlook for Microsoft 365 Apps in the Current Channel.

This time there are 1 new feature and 4 documented fixes.

  • Updated encryption for Microsoft Purview Information Protection
    Advanced Encryption Standard (AES) with 256-bit key length in Cipher Block Chaining mode (AES256-CBC) is now the default Microsoft Purview Information Protection encryption mechanism for Microsoft 365 Apps documents and emails.
  • We fixed an error that users were hitting when they tried to override a Policy Tip detection or to report it as a false positive.
  • We fixed an issue that caused Outlook to exit unexpectedly when users executed a search with the “All Mailboxes” scope.
  • We fixed an issue that caused the application to close unexpectedly when clicking on non-HTTP links.
  • We fixed an issue that caused the incorrect workdays to be displayed on shared-in calendars.

Excel also got a very useful new shortcut worth sharing;

  • Paste values directly into your workbook using a keyboard shortcut
    The keyboard shortcut CTRL+SHIFT+V lets you quickly Paste Values rather than having to choose Paste Values from the menu.

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook or the Microsoft Store and updates Outlook to: Version 2308 (Build 16731.20170).


Outlook 365 / 2021 / 2019 / 2016 Update for August 2023

News

The July security and rollup update has been made available for all Click-to-Run installations of Outlook 2016, Outlook 2019, Outlook 2021 and Outlook as part of a Microsoft 365 subscription.

It contains 9 security updates for Excel (2), Outlook (1), Visio (3), and Office (3). The details about the Outlook vulnerability can be found below;

  • CVE-2023-36893: Microsoft Outlook Spoofing Vulnerability
    • This vulnerability is currently not publicly disclosed nor exploited.
    • Exploitation of the vulnerability requires that a user with an affected version of Outlook opens a malicious meeting or appointment invite from the attacker.
    • The Preview Pane is not an attack vector.
    • The Exploitability Assessment is rated: Exploitation Less Likely.

In addition, it contains 3 non-security fixes related to Outlook Current Channel Version 2307, and 1 new feature and 2 fixes related to Outlook Monthly Enterprise Version 2306.

  • Version 2307
    • We fixed an issue that caused Outlook to fail to show Top Search Results in some views.
    • We fixed an issue where Microsoft 365 links failed to launch properly.
    • We fixed an issue that caused users to receive errors about having too many Actionable Messages open more frequently than expected.
  • Version 2306
    • Accessibility Ribbon in Outlook for Windows
      The Accessibility Ribbon brings together in one place all the tools you need to make your emails accessible.
    • We fixed an issue that caused users to get prompted to save changes to an unmodified email message.
    • We fixed an issue where the Me control showed the wrong display name in Office apps.

Based on your release channel, you’ll be updated to the following version;

  • Microsoft 365 Apps, Outlook 2016 Retail, Outlook 2019 Retail, Outlook 2021 Retail
    Version 2307 (Build 16626.20170)
  • Monthly Enterprise
    Version 2306 (Build 16529.20226)
    Version 2305 (Build 16501.20286)
  • Semi-Annual Enterprise (Preview)
    Version 2302 (Build 16130.20714)
  • Semi-Annual Enterprise
    Version 2302 (Build 16130.20714)
    Version 2208 (Build 15601.20742)
    Version 2202 (Build 14931.21078) 
  • Outlook LTSC 2021
    Version 2108 (Build 14332.20546)
  • Outlook 2019 Volume Licensed
    Version 1808 (Build 10401.20025)

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook itself or the Microsoft Store. This update does not apply to msi-based installations of Office 2016.


Outlook 2016 (MSI) Security Update for August 2023

News

A Security Update has been released for Outlook 2016. It resolves the following vulnerability;

  • CVE-2023-36893: Microsoft Outlook Spoofing Vulnerability
    • This vulnerability is currently not publicly disclosed nor exploited.
    • Exploitation of the vulnerability requires that a user with an affected version of Outlook opens a malicious meeting or appointment invite from the attacker.
    • The Preview Pane is not an attack vector.
    • The Exploitability Assessment is rated: Exploitation Less Likely.

View: Download information for KB5002459

Note: This update can be installed via Microsoft Update and updates Outlook to version 16.0.5408.1000. This update does not apply to Perpetual (Retail) and Microsoft 365 based installations of Office 2016.


Outlook for Microsoft 365 Apps Feature Update for July 2023

News

Microsoft has released the July 2023 feature update of Outlook for Microsoft 365 Apps in the Current Channel.

It’s a bit of an uneventful release as there are only 2 documented fixes this time and no new features.

  • We fixed an issue where opening links in Edge would cause the side pane to not be visible.
  • We fixed an issue where Outlook would prompt the user to save changes to a meeting when no changes were made.

Excel did get an interesting new feature though;

  • Performance improvement related to fonts
    If you do not use printer fonts or have not heard of printer fonts, unchecking the setting in File-> Options-> Advanced-> “Include fonts that are stored on the printer” can help speed up font related operations such as choosing a font from font drop down, or formatting a cell by bolding/italicizing a cell’s font, etc.

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook or the Microsoft Store and updates Outlook to: Version 2307 (Build 16626.20132).


Outlook 365 / 2021 / 2019 / 2016 Update for July 2023

News

The July security and rollup update has been made available for all Click-to-Run installations of Outlook 2016, Outlook 2019, Outlook 2021 and Outlook as part of a Microsoft 365 subscription.

It contains 10 security updates for Excel (3), Outlook (2), and Office (5). The details about the Outlook vulnerabilities can be found below;

  • CVE-2023-33151: Microsoft Outlook Spoofing Vulnerability
    • This vulnerability is currently not publicly disclosed nor exploited.
    • Exploitation of the vulnerability requires that a user to click on a specially crafted URL to be compromised by the attacker.
    • The Exploitability Assessment is rated: Exploitation Less Likely.
  • CVE-2023-35311: Microsoft Outlook Security Feature Bypass Vulnerability
    • This vulnerability is currently not publicly disclosed but it is being exploited already.
    • Exploitation of the vulnerability requires that a user to click on a specially crafted URL to be compromised by the attacker.
    • The Exploitability Assessment is rated: Exploitation Detected.

In addition, it contains 1 new feature and 3 non-security fixes related to Outlook Monthly Enterprise Version 2305.

  • Block emails with sensitive labels
    Implement pop-up messages in Outlook that warn, justify, or block emails being sent based on sensitivity labels.
  • We fixed an issue where the application would close unexpectedly when searching using dates.
  • We fixed an issue that caused users to see the error, “We cannot render Actionable Messages right now” when reading some email messages.
  • We fixed an issue where doing a mail merge would display the error, “Microsoft Word is required to run the Mail Merge Wizard”.

Version 2302 has now also been released to the Semi-Annual Enterprise Channel and contains 1 highlighted new features and 25 fixes which have been made available already to the other release channels. The new feature and some notable fixes are;

  • Improved Calendar Search
    Improvements have been made to Calendar search, largest of which is the ability to more easily find the next occurrence of a series in search results.
  • We fixed an issue that caused users with an Outlook.com account in their profile to be prompted for their password and to receive the following error message: “You cannot log in with a personal account. Use your work or school account.”
  • We fixed an issue that caused Outlook to close unexpectedly when using Loop Components in an email.
  • We fixed an issue where some settings did not roam between machines when switching to Focused Inbox.
  • We fixed an issue that caused the Sub-folders search scope to be broken when searching in the Online Archive.

Based on your release channel, you’ll be updated to the following version;

  • Microsoft 365 Apps, Outlook 2016 Retail, Outlook 2019 Retail, Outlook 2021 Retail
    Version 2306 (Build 16529.20182)
  • Monthly Enterprise
    Version 2305 (Build 16501.20242)
    Version 2304 (Build 16327.20348)
  • Semi-Annual Enterprise (Preview)
    Version 2302 (Build 16130.20644)
  • Semi-Annual Enterprise
    Version 2302 (Build 16130.20644)
    Version 2208 (Build 15601.20706)
    Version 2202 (Build 14931.21040) 
  • Outlook LTSC 2021
    Version 2108 (Build 14332.20529)
  • Outlook 2019 Volume Licensed
    Version 1808 (Build 10400.20007)

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook itself or the Microsoft Store. This update does not apply to msi-based installations of Office 2016.