A Security Update has been released for Word 2013 which affects Outlook 2013. It resolves the following vulnerability;
- CVE-2020-1229: Microsoft Outlook Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a system. An attacker who successfully exploited this vulnerability could cause a system to load remote images. These images could disclose the IP address of the targeted system to the attacker.Exploitation of the vulnerability requires that a user open a specially crafted image with an affected version of Microsoft Office software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted image to the user.
The update addresses the vulnerability by changing how remote images are processed in Outlook.
View: Download information for KB4484361
Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 2013 Click-To-Run and updates Outlook to version 15.0.5249.1000.
