Outlook 2016 (MSI) Security Update for January 2019

A Security Update has been released for Outlook 2016. It resolves the following vulnerability;

  • CVE-2019-0559: Microsoft Outlook Information Disclosure Vulnerability
    An attacker who successfully exploited this vulnerability could gather information about the victim. An attacker could exploit this vulnerability by sending a specially crafted email to the victim.

This update also contains 14 additional fixes or improvements for non-security issues. Most notable are;

  • Adds support for the Do Not Forward policy for meetings so that the meetings can’t be forwarded by attendees.
  • A “Blocked external content” warning for Secure/Multipurpose Internet Mail Extensions (S/MIME) email messages that have no external content is displayed.
  • When you access the “Conversation History” folder, Outlook 2016 hangs.
  • Mail delivery rules stop working. When you try to open the “Manage Rules and Alerts” dialog box, you receive the following error message:

    The operation failed because of a registry or installation problem. Restart Outlook and try again. If the problem persists, reinstall.

View: Download information for KB4461601

Note: This update can be installed via Microsoft Update and updates Outlook to version 16.0.4795.1000. This update does not apply to Perpetual and Office 365 based installations of Office 2016.