Outlook 2013 Security Update for January 2019

A Security Update has been released for Outlook 2013. It resolves the following vulnerability;

  • CVE-2019-0559: Microsoft Outlook Information Disclosure Vulnerability
    An attacker who successfully exploited this vulnerability could gather information about the victim. An attacker could exploit this vulnerability by sending a specially crafted email to the victim.

This update also contains additional fixes for 4 non-security issues;

  • After update KB3118388 is applied, Office documents in the Public Folders are unexpectedly opened in the Protected View.
  • A “Blocked external content” warning for Secure/Multipurpose Internet Mail Extensions (S/MIME) email messages that have no external content is displayed.
  • This update adds support for directly importing .ics files that contain HTML bodies into an Outlook 2013 calendar. You no longer need to first convert the HTML body to Rich Text Format (RTF).
  • Mail delivery rules stop working. When you try to open the “Manage Rules and Alerts” dialog box, you receive the following error message:

    The operation failed because of a registry or installation problem. Restart Outlook and try again. If the problem persists, reinstall.

View: Download information for KB4461595

Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 2013 Click-To-Run and updates Outlook to version 15.0.5101.1000.