A Security Update has been released for Outlook 2010. It resolves the following vulnerability;
- CVE-2020-16949: Microsoft Outlook Denial of Service Vulnerability
A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system.
Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable Outlook server.
The security update addresses the vulnerability by correcting how Microsoft Outlook handles objects in memory.
This is the last scheduled Security Update for Outlook 2010 as it has now reached the end date for Extended Support. It is highly recommended to update to a later version of Outlook or an alternative mail client as soon as possible.
Note: This update can be installed via Microsoft Update and updates Outlook to version 14.0.7261.5000.