Exchange 2019, 2016 and 2013 Security Updates for May 2022

News

Security updates have been released for Exchange 2013, Exchange 2016 and Exchange 2019.

The updates fix the following vulnerability;

  • CVE-2022-21978: Microsoft Exchange Server Elevation of Privilege Vulnerability

The vulnerability is currently not publicly disclosed nor being exploited. The exploitability assessment is regarded as “Exploitation Less Likely”. However, it is still important to update as soon as possible.

After applying the update, it is required to run /PrepareAllDomains once in your environment as well or otherwise you’d still not be protected from the vulnerability.

Also note that all Security Updates are now released as .exe files instead of .msp files. The main reason for this is to ensure that the installation runs with the required permissions and preventing that your Exchange installations ends up in a bad state. The .msp file can still be extracted from the .exe file or obtained via the Microsoft Update Catalog by extracting the .cab file.

View: Exchange Blog: Released: May 2022 Exchange Server Security Updates
View: Description of the security update for Microsoft Exchange Server 2016 and 2019: May 10, 2022 (KB5014261)
View: Description of the security update for Microsoft Exchange Server 2013: May 10, 2022 (KB5014260)

Download: Security Update for Exchange 2019 CU11 and CU12
Download: Security Update for Exchange 2016 CU22 and CU23
Download: Security Update for Exchange 2013 CU23


MAPILab
Use "4PM76A8" to get a discount when ordering!

Outlook for Microsoft 365 Apps Feature Update for April 2022

News

Microsoft released the April feature update of Outlook for Microsoft 365 Apps in the Current Channel (previously known as the Office 365 Monthly Channel).

There are no new features this time but it does include 6 highlighted fixes of which 2 apply to Outlook’s integration with Access.

  • We fixed an issue that caused Outlook to close unexpectedly during launch when connected to a OneDrive for Business endpoint with no service URL.
  • We fixed an issue that caused EU users to see information missing from person cards.
  • We fixed an issue that caused users to experience a close unexpectedly when trying to respond to certain contacts.
  • We fixed an issue that caused users to experience a close unexpectedly when deleting a folder.
  • We fixed an issue that prevented Outlook Event-Based Add-Ins from functioning properly. (Access)
  • This change helps users find the correct settings for managing the default online meeting options for third party meeting providers. (Access)

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook or the Microsoft Store and updates Outlook to: Version 2204 (Build 15128.20178).


Exchange 2019 CU12 and Exchange 2016 CU23

News

Cumulative Update 12 for Exchange 2019 is now available as well as Cumulative Update 23 for Exchange 2016.

With these releases there major changes to the release model of future CUs.

First of all, the is the last CU for Exchange 2016 as it has reached its Extended Support phase. This means that from now on, it will only received Security Updates.

Second, Exchange 2019 CU releases have shifted to a cadence of 2 times per year. These are targeted for March and September but as they are quality driven, their actual release could be off by a month if needed.

Exchange 2019 CU12 also includes the following major changes;

  • Exchange Management Tools Update
    When you’ve only installed Exchange on-premises to manage all your Exchange Online mailboxes for your Synced Active Directory users, you can now install the updated Management Tools on a domain-joined workstation, shutdown your last Exchange server, and manage your recipients via PowerShell.
  • Hybrid Experience Updates
    • Licensing has been updated to add a product key for Exchange 2019 hybrid servers at no additional charge.
    • Support has been added for using MFA-enabled admin credentials with Hybrid Agent cmdlets. The Hybrid Management PowerShell module now works with MFA-enabled admin accounts.
  • Support for Windows Server 2022
    CU12 also introduces support for running Exchange Server 2019 on Windows Server 2022 and in environments that use Windows Server 2022 Active Directory servers. For more information see the Exchange Server supportability matrix.

Additionally, for both Exchange 2016 and Exchange 2019, parameters that take UNC paths as inputs will no longer be usable in Exchange Server PowerShell cmdlets or the Exchange Admin Center. For more info and the newly supported methods see; Changes in Exchange Server PowerShell cmdlets and Exchange Admin Center for UNC path inputs (KB5014278).

This release does not include new updates to the Active Directory Schema for Exchange 2019 nor Exchange 2016.

As mentioned before, the next planned Cumulative Update for Exchange 2019 is in September 2022. Exchange 2016 is not expected to receive any new CUs anymore.

Exchange 2019: CU12 KB5011156Download
Exchange 2016: CU23 KB5011155DownloadUM Language Packs
View: Blog post of the Exchange Team about CU12 for Exchange Server 2019 and CU 23 for Exchange 2016.


Outlook 2016 / 2019 / 2021 / 365 Update for April 2022

News

A new rollup update has been made available for all Click-to-Run installations of Outlook 2016, Outlook 2019, Outlook 2021 and Outlook as part of a Microsoft 365 subscription.

It contains 2 security updates for Excel.

In addition, it contains 1 documented non-security fix for Outlook Current Version 2203, 17 fixes for Monthly Enterprise Version 2202, 9 fixes for Semi-Annual Preview Version 2202, 1 fix for Semi-Annual Version 2108, and 1 fix for Semi-Annual Version 2102.

Some notable fixes are;

  • Version 2203
    • We fixed an issue that caused the “Move to Other” functionality to stop working properly.
  • Version 2202
    • We fixed an issue that caused the membership list to not display properly for contact cards.
    • We fixed an issue that caused users to experience performance issues when switching folders due to a corrupt view setting.
    • We fixed an issue that caused some toggle-type options to sync incorrectly when using Cloud Settings.
    • We fixed an issue displaying some SVG files.
    • We fixed an issue where removed shared calendars reappeared when the REST shared calendar feature was enabled.
    • We fixed an issue that caused shared calendars to be in an unselected state after adding them.
  • Version 2202 and Version 2108
    • We fixed an issue where a received email would not include a link to open the message.
  • Version 2202 and Version 2102
    • A data change was made to include a new United Kingdom holiday in UK-based calendars.

Based on your release channel, you’ll be updated to the following version;

  • Microsoft 365 Apps, Outlook 2016 Retail, Outlook 2019 Retail, Outlook 2021 Retail
    Version 2203 (Build 15028.20204)
  • Monthly Enterprise
    Version 2202 (Build 14931.20274)
    Version 2201 (Build 14827.20246)
  • Semi-Annual Enterprise (Preview)
    Version 2202 (Build 14931.20274)
  • Semi-Annual Enterprise
    Version 2108 (Build 14326.20910)
    Version 2102 (Build 13801.21278) 
  • Outlook LTSC 2021
    Version 2108 (Build 14332.20281)
  • Outlook 2019 Volume Licensed
    Version 1808 (Build 10385.20027)

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook itself or the Microsoft Store. This update does not apply to msi-based installations of Office 2016.


Outlook for Microsoft 365 Apps Feature Update for March 2022

News

Microsoft released the March feature update of Outlook for Microsoft 365 Apps in the Current Channel (previously known as the Office 365 Monthly Channel).

There are no these features this time but it does include 9 highlighted fixes.

  • We fixed an issue that caused messages using the Encrypt Only and Do Not Forward templates to return unexpected permissions through the object model.
  • We fixed an issue that caused some toggle-type options to sync incorrectly when using Cloud Settings.
  • We fixed an issue that caused the “Index out of date” message to display too often.
  • We fixed an issue that caused users to expect a stop responding in Outlook in some diagnostic scenarios.
  • We fixed an issue that caused users to see only a subset of the messages to get moved when moving multiple mail items from Focused to Other or Other to Focused.
  • A data change was made to include a new United Kingdom holiday in UK-based calendars.
  • We fixed an issue where removed shared calendars reappeared when the REST shared calendar feature was enabled.
  • We fixed an issue that caused Outlook to close unexpectedly during shutdown under some circumstances.
  • We fixed an issue that caused contact cards to not show properly.

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook or the Microsoft Store and updates Outlook to: Version 2203 (Build 15028.20160).


Outlook 2016 / 2019 / 2021 / 365 Update for March 2022

News

A new rollup update has been made available for all Click-to-Run installations of Outlook 2016, Outlook 2019, Outlook 2021 and Outlook as part of a Microsoft 365 subscription.

It contains 5 security updates for Visio (3) and Word (2).

In addition, it contains 3 documented non-security fix for Outlook Current Version 2202, 1 new feature and 5 fixes for Monthly Enterprise Version 2201, and 1 fix for Semi-Annual Version 2108.

  • Version 2202
    • We fixed an issue that caused users to experience performance issues when switching folders due to a corrupt view setting.
    • We fixed an issue that caused the default icon to be displayed for attached messages when a custom icon was expected.
    • We fixed an issue that caused the membership list to fail to display for contact cards.
  • Version 2201
    • We fixed an issue that caused users to be unable to open messages with Digital Rights Management policies applied.
    • We fixed an issue where a received email would not include a link to open the message.
    • We fixed an issue that caused a stop responding when loading personas.
    • We fixed an issue that caused certain Smart Link callouts to be inaccessible to screen readers.
    • We fixed an issue where the folder hierarchy did not synchronize all folders for very large primary mailboxes with more than 10000 folders.
  • Version 2108
    • We fixed an issue that caused the scroll bar on the appointment view in meeting invitations to be shrunk horizontally.

The new features in Monthly Enterprise Version 2201 is;

  • Use your voice to send email and @mention
    New voice commands let you send mail and @mention others while dictating.

Version 2202 has now also been released to the Semi-Annual Enterprise Channel (Preview) and contains 11 highlighted new features and 38 fixes which have been made available already to the Current and Monthly Enterprise release channels. Some notable new features are;

  • Expanded GAL people suggestions for mail and calendar compose
    Outlook will now return results from the complete GAL when suggestions people for email and calendar compose.
  • Read messages with fewer distractions
    Make it easier to focus on messages with custom text spacing, page colors, column width, and line focus, by turning on Immersive Reader.
  • Turn on shared calendar improvements
    For shared calendars in Office 365, Outlook can update these calendars using the REST API. Turn on the preview for faster and more reliable updates to shared calendars.

Based on your release channel, you’ll be updated to the following version;

  • Microsoft 365 Apps, Outlook 2016 Retail, Outlook 2019 Retail, Outlook 2021 Retail
    Version 2202 (Build 14931.20132)
  • Monthly Enterprise
    Version 2201 (Build 14827.20220)
    Version 2112 (Build 14729.20360)
  • Semi-Annual Enterprise (Preview)
    Version 2202 (Build 14931.20132)
  • Semi-Annual Enterprise
    Version 2108 (Build 14326.20852)
    Version 2102 (Build 13801.21214) 
  • Outlook LTSC 2021
    Version 2108 (Build 14332.20255)
  • Outlook 2019 Volume Licensed
    Version 1808 (Build 10384.20023)

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook itself or the Microsoft Store. This update does not apply to msi-based installations of Office 2016.


Exchange 2019, 2016 and 2013 Security Updates for March 2022

News

Security updates have been released for Exchange 2013, Exchange 2016 and Exchange 2019.

The updates fix the following Vulnerabilities;

  • CVE-2022-23277: Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2022-24463: Microsoft Exchange Server Spoofing Vulnerability (does not apply to Exchange 2013)

None of the them are currently publicly disclosed nor being exploited. However, the exploitability assessment of CVE-2022-23277 is regarded as “Exploitation More Likely”. It is therefor important to update as soon as possible.

The update for Exchange 2013 also contains a critical change for continued support for add-ins. Without this update, you will not be able to install or start any new Office add-ins.

  • KB5012925: RFC certificate timestamp validation in Exchange Server 2013

View: Exchange Blog: Released: March 2022 Exchange Server Security Updates
View: Description of the security update for Microsoft Exchange Server 2019 and Exchange 2016: March 8, 2022 (KB5012698)
View: Description of the security update for Microsoft Exchange Server 2013: March 8, 2022 (KB5010324)

Download: Security Update for Exchange 2019 CU10 and CU11
Download: Security Update for Exchange 2016 CU21 and CU22
Download: Security Update for Exchange 2013 CU23


Outlook for Microsoft 365 Apps Feature Update for February 2022

News

Microsoft released the February feature update of Outlook for Microsoft 365 Apps in the Current Channel (previously known as the Office 365 Monthly Channel).

It comes with 1 new feature for Outlook and 5 highlighted fixes. The new feature and fixes are listed below;

  • Org Explorer
    Visualize and explore your company’s internal structure, work teams, and individual roles.
  • We fixed an issue where the folder hierarchy did not synchronize all folders for very large primary mailboxes with more than 10000 folders.
  • We fixed an issue where a received email would not include a link to open the message.
  • We fixed an issue that caused certain Smart Link callouts to be inaccessible to screen readers.
  • We fixed an issue that caused contact cards to not show.
  • We fixed an issue in the Outlook preview pane to allow SVG images to render properly.

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook or the Microsoft Store and updates Outlook to: Version 2202 (Build 14931.20120).


Partial word, string or wildcard search in Outlook

Search buttonOutlook’s indexed search is fast as long as you know the exact beginning of the word or string that you are looking for.

If you want to search for only a part of a word, like the middle or ending, you’ll have to use the much more cumbersome Advanced Find.

For instance, when searching for “write”, Outlook’s indexed search will only find messages containing “write” but Advanced Find will also find “rewrite”.

A similar situation exists when searching for product codes or reference numbers were people could leave out prefixes, spaces or dashes.

Or what about names?
Katerina or Caterina? Kristian or Christian?

With an Advanced Find macro we can make these type of searches quick and easy again.

Continue reading: Partial word, string or wildcard search in Outlook


Outlook 2016 / 2019 / 2021 / 365 Update for February 2022

News

A new rollup update has been made available for all Click-to-Run installations of Outlook 2016, Outlook 2019, Outlook 2021 and Outlook as part of a Microsoft 365 subscription.

It contains 5 security updates for Excel (1), Visio (1) and Office (3).

In addition, it contains 6 new features and 4 fixes for Monthly Enterprise Version 2112, and 1 fix for Semi-Annual Version 2108.

  • Version 2112
    • We fixed an issue that caused the smart link URL to not update when the user changed the permissions on the link in the message.
    • We fixed an issue that caused applications to become unresponsive after loading a contact card.
    • We fixed an issue that caused a stop responding when loading personas.
    • We fixed an issue that caused users to see garbled text in some fields when exporting contacts to a CSV.
  • Version 2108
    • We fixed an issue that caused Reply All to fail to include the sender when the sender is different from the Reply To address and is also the recipient.

The new features in Monthly Enterprise Version 2112 are;

Based on your release channel, you’ll be updated to the following version;

  • Microsoft 365 Apps, Outlook 2016 Retail, Outlook 2019 Retail, Outlook 2021 Retail
    Version 2201 (Build 14827.20192)
  • Monthly Enterprise
    Version 2112 (Build 14729.20322)
    Version 2111 (Build 14701.20314)
  • Semi-Annual Enterprise (Preview)
    Version 2108 (Build 14326.20784)
  • Semi-Annual Enterprise
    Version 2108 (Build 14326.20784)
    Version 2102 (Build 13801.21156)
    Version 2008 (Build 13127.21886)
  • Outlook LTSC 2021
    Version 2108 (Build 14332.20238)
  • Outlook 2019 Volume Licensed
    Version 1808 (Build 10383.20027)

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook itself or the Microsoft Store. This update does not apply to msi-based installations of Office 2016.