A Security Update has been released for Outlook 2016. It resolves the following vulnerability;
- CVE-2023-33131: Microsoft Outlook Remote Code Execution Vulnerability
- This vulnerability is currently not publicly disclosed nor exploited.
- Exploitation of the vulnerability requires that a user opens a specially crafted file. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link.
- The Exploitability Assessment is rated: Exploitation Less Likely.
Note: This update can be installed via Microsoft Update and updates Outlook to version 16.0.5395.1000. This update does not apply to Perpetual (Retail) and Microsoft 365 based installations of Office 2016.