A Security Update has been released for Outlook 2016. In addition to resolving the vulnerability, it also contains 17 documented improvements and fixes.
Most notable fixes are;
- Resolves the vulnerabilities mentioned in Microsoft Security Bulletin MS16-107 which could allow remote code execution if a user opens a specially crafted Office file.
- Recipients on email sent programmatically in Outlook aren’t added to the user’s nickname cache. This can now be controlled via the EnableNicknameWithOM Registry value.
- You can’t open public folders in Outlook 2016. This issue commonly affects Office 365 subscribers.
- When you select the Preview file button for a PDF file of an email message in Outlook 2016, the PDF file can’t be previewed.
- You can now specify the default editor format for calendar items via the CalendarEditorPreference Registry value.
Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 365 and updates Outlook to version 16.0.4432.1001 (msi-based installation) or 16.0.7167.2058 (Office 365 based installation).