A Security Update has been released for Outlook 2016. It resolves the vulnerabilities mentioned in CVE-2018-0850 and CVE-2018-0852, which could allow remote code execution via a specially crafted Office file. It also contains 5 nonsecurity improvements and fixes.
Most notable additional fixes in this update;
- Fixes an issue in which some attachments to plain text messages are removed when you forward the message.
- When you drag an email message to a location outside Outlook by right-clicking and then selecting “Move here”, Outlook copies the message instead of moving it.
- When you try to open a message that contains external content, Outlook 2016 freezes if you don’t have Internet access.
Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 365 and updates Outlook to version 16.0.4654.1000 (msi-based installation) or 16.0.9001.2171 (Office 365 based installation) or 16.0.8431.2215 (Office 365 Semi-Annual Channel installation) or 16.0.8201.2258 (Deferred Channel).