A Security Update has been released for Outlook 2013. It resolves the vulnerability mentioned in CVE-2018-0791, which could allow remote code execution via a specially crafted Office file.
Additional fixes in this update;
- 3rd-party MAPI providers may be blocked despite being in the Outlook profile.
- When you send an email message from Outlook.com to a recipient outside of Office 365, the recipient always gets a winmail.dat attachment in the message.