News

A Security Update has been released for Outlook 2010. It provides “enhanced security as a defense in depth measure” as described in ADV180021 and is not related to a know security vulnerability.

Additionally, it fixes a non-security issue where Dynamics CRM functionality is blocked unless you enable all roaming folder homepages by using the EnableRoamingFolderHomepages registry key.

View: Download information for KB4032222

Note: This update can be installed via Microsoft Update and updates Outlook to version 14.0.7212.5000.

Security updates have been released for Exchange 2013 and Exchange 2016. They contain updates for the following 2 security issues;

• CVE-2018-8302: Microsoft Exchange Memory Corruption Vulnerability
• CVE-2018-8374: Microsoft Exchange Server Tampering Vulnerability

View: Description of update KB4340731
Download: Security Update For Exchange Server 2016 CU10 (KB4340731)
Download: Security Update For Exchange Server 2016 CU9 (KB4340731)
Download: Security Update For Exchange Server 2013 CU21 (KB4340731)
Download: Security Update For Exchange Server 2013 CU20 (KB4340731)

Update Rollup 23 for Exchange 2010 Service Pack 3 is now available. It contains 1 documented new security updates and all previously released fixes and security updates for Exchange 2010 SP3. Note that mainstream support for Exchange 2010 has already ended.

• CVE-2018-8302: Microsoft Exchange Memory Corruption Vulnerability
  Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable Exchange server.

View: Description of Update Rollup 23 for Exchange Server 2010
Download: Update Rollup 23 For Exchange 2010 SP3 (KB4340733)

A Rollup Update has been released for Outlook 2016. This is a non-security update which contains 5 documented improvements and fixes.

Most notable fixes in this update;

• After you use the “Rooms” button or the Room Finder add-in to change the conference room for a meeting, the Location of the meeting is not automatically updated to match the newly selected room. Also requires update KB3191864.
• This update adds a Group Policy that lets administrators hide the “Do Not Send a Response” option when attendees respond to a meeting via the ForceMtgResponse Registry value.
• This update enables the Outlook Add-in Store for General Data Protection Regulation (GDPR) scenarios.

Office 365 subscribers also got the following new features and changes;

• Recurrence default
  In the Appointment Recurrence dialog box (under “Range of recurrence”), “End by” is the default setting (instead of “No end date”) and is the first setting listed, and a default end date is set.
• Accessibility Checker improvements
  The Accessibility Checker has updated support for international standards and recommendations to make your messages more accessible.

View: Download information for KB4022230

Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 365 and updates Outlook to version 16.0.4717.1000 (msi-based installation) or version 1806 build 10228.20080 (Office 365 based installation).

A Rollup Update has been released for Outlook 2013. This is a non-security update which contains 2 documented improvements and fixes.

• This update provides the translation update for some strings to improve the accuracy.
• When you close an email message from the taskbar, Outlook 2013 may crash.

View: Download information for KB4022242

Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 365 and updates Outlook to version 15.0.5049.1000.

Cumulative Update 10 for Exchange 2016 is now available. It contains 13 documented new fixes or improvements, and all previously released fixes and security updates for Exchange 2016 as well as the latest DST updates.

Notable improvements, changes and fixes are;

• .NET Framework 4.7.1 is now required.
• VC++ 2013 runtime library is now required.
• KB4294209: Cannot clear the “Maximum message size” check box for Send messages or Receive messages in EAC in Exchange Server 2016.
• KB4294212: Cannot send VBScript-created messages in the Outlook 2016 client
• KB4294210: Cannot edit an email attachment in OWA in an Exchange Server 2016 environment.

This release includes no new updates to the Active Directory Schema.

Download: Cumulative Update 10 for Exchange Server 2016 (KB4099852)
Download: Exchange Server 2016 CU10 UM Language Packs
View: Description of Cumulative Update 10 for Exchange Server 2016
View: Blog post of the Exchange Team about CU10 for Exchange Server 2016

Cumulative Update 21 for Exchange 2013 is now available. It contains 10 documented new fixes or improvements, and all previously released fixes and security updates for Exchange 2013 as well as the latest DST updates. Note that mainstream support for Exchange 2013 has ended in April 2018.

Notable improvements, changes and fixes are;

• .NET Framework 4.7.1 is now required.
• VC++ 2013 runtime library is now required.
• KB4133604: User can’t log on to a POP/IMAP account by using NTLM authentication in Exchange Server 2013
• KB4058473: An Office 365 primary mailbox user cannot be assigned full access permissions for an on-premises mailbox in Exchange Server
• KB4294205: POP3 services intermittently stop in an Exchange Server 2013 environment

This release includes no new updates to the Active Directory Schema.

Download: Cumulative Update 21 for Exchange Server 2013 (KB4099855)
Download: Exchange Server 2013 CU21 UM Language Packs
View: Description of Cumulative Update 21 for Exchange Server 2013
View: Blog post of the Exchange Team about CU21 for Exchange Server 2013

Update Rollup 22 for Exchange 2010 Service Pack 3 is now available. It contains 2 changes and 1 documented new fix and all previously released fixes and security updates for Exchange 2010 SP3. Note that mainstream support for Exchange 2010 has already ended.

• VC++ 2013 runtime library is now required.
• Added support for Windows Server 2016 domain controllers.
• KB4295751: EWS impersonation not working when accessing resource mailboxes in a different site in Exchange Server 2010 SP3

View: Description of Update Rollup 22 for Exchange Server 2010
Download: Update Rollup 22 For Exchange 2010 SP3 (KB4295699)
View: Blog post of the Exchange Team about Rollup 22 for Exchange Server 2010

Microsoft has released a blog post and a video in which it explains and shows off the design changes that will be coming to Office.com and Office 365.

One of the major visible changes is the new simplified Ribbon. Instead of having a large button or up to 3 smaller buttons on top of each other, the updated Ribbon contains only 1 line of command icons on each of the Ribbon tabs.

Preview of the new single line command bar in Outlook. (captured from the video linked below)

This redesign allows for a cleaner interface with the commands which matter the most and with more vertical screen space left for the actual content that you are working on.

There will also be an option to expand the Ribbon to return the “classic” three-line layout in case you don’t like the change, want to decide for yourself when you are ready to change or when you simply want to dedicate more screen space to the available commands.

Microsoft will start rolling out this new experience in Outlook for Desktop to a select amount of Insiders in July.

View: Power and simplicity – updates to the Office 365 user experience
View: Updates to the Microsoft Office user experience (video)

A Security Update has been released for Outlook 2016. It resolves the vulnerability mentioned in CVE-2018-8244, which could allow remote code execution via a specially crafted Office file. This update also contains additional fixes for 12 non-security issues.

Most notable fixes in this update;

• When you open and edit a document that is stored in a folder in Outlook 2016, the changes are not saved.
• After the primary email address of a user profile is changed, Outlook 2016 still shows the old SMTP address for the user profile.
• If the “PR_EMSMDB_CRED_USERNAME” property is not present in user profiles, some users may experience too many calls to the user principal name (UPN) lookup. To fix this issue, follow the instructions in KB4022165.
• Some cloud attachments that have certain file names are invisible in email messages.

Office 365 subscribers also got the following new features;

• Hands free typing
  Use your voice to create emails by simply dictating. No need to type.
• View 3 time zones
  Need to schedule a meeting across time zones? Add multiple time zones to your calendar to easily see everyone’s availability and pick a time that works for all.
• Calendar sharing made easy
  Sharing your calendars is simpler and calendars shared from Outlook Desktop are now also available in Outlook Mobile. Learn more

View: Download information for KB4022160

Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 365 and updates Outlook to version 16.0.4705.1000 (msi-based installation) or version 1805 build 9330.2118 (Office 365 based installation) or version 1708 build 8431.2270 (Office 365 Semi-Annual release).