A Security Update has been released for Outlook 2013. It resolves the following vulnerabilities;
- CVE-2023-33151: Microsoft Outlook Spoofing Vulnerability
- This vulnerability is currently not publicly disclosed nor exploited.
- Exploitation of the vulnerability requires that a user to click on a specially crafted URL to be compromised by the attacker.
- The Exploitability Assessment is rated: Exploitation Less Likely.
- CVE-2023-35311: Microsoft Outlook Security Feature Bypass Vulnerability
- This vulnerability is currently not publicly disclosed but it is being exploited already.
- Exploitation of the vulnerability requires that a user to click on a specially crafted URL to be compromised by the attacker.
- The Exploitability Assessment is rated: Exploitation Detected.
View: Download information for KB5002432
Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 2013 Click-To-Run and updates Outlook to version 15.0.5571.1000.