Outlook 2013 Security Update for June 2017

A Security Update has been released for Outlook 2013. In addition to resolving the vulnerabilities, it also contains 12 documented improvements and fixes.

Most notable fixes and improvements are:

  • Resolves the vulnerabilities mentioned in CVE-2017-8506, CVE-2017-8507, and CVE-2017-8508 which could allow remote code execution if a user opens a specially crafted Office file or email message.
  • Enable users to install and manage (web) add-ins in Outlook 2013 rather than in the Outlook Web App.
  • Disables the message rule actions to start an application or run a macro (VBA script). To re-enable them, you can set the EnableUnsafeClientMailRules Registry value.
  • After you switch networks on a computer, Outlook 2013 sometimes won’t reconnect to the Microsoft Exchange server.

View: Download information for KB3191938

Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 365 and updates Outlook to version 15.0.4937.1000.