Outlook 2016 (MSI) Security Update for April 2021

News

A Security Update has been released for Outlook 2016. It resolves the following vulnerability;

  • CVE-2021-28452: Microsoft Outlook Memory Corruption Vulnerability.
    • This vulnerability is currently not publicly disclosed nor exploited.
    • The Preview Pane is not an attack vector.
    • The Exploitability Assessment is rated: Exploitation Less Likely.

This update contains 2 additional fixes or improvements for non-security issues;

  • Fixes an issue that causes garbled email headers when Outlook uses the Chinese Simplified (GB2312) character set.
  • Fixes an issue that causes inline images to disappear when you reply to a message that has a protection label from Azure Information Protection.

View: Download information for KB4486748

Note: This update can be installed via Microsoft Update and updates Outlook to version 16.0.5149.1000. This update does not apply to Perpetual (Retail) and Microsoft 365 based installations of Office 2016.


Sperry Software
Use "BH93RF24" to get a discount when ordering!

Outlook 2013 Security Update for April 2021

News

A Security Update has been released for Outlook 2013. It resolves the following vulnerability;

  • CVE-2021-28452: Microsoft Outlook Memory Corruption Vulnerability.
    • This vulnerability is currently not publicly disclosed nor exploited.
    • The Preview Pane is not an attack vector.
    • The Exploitability Assessment is rated: Exploitation Less Likely.

View: Download information for KB4504733

Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 2013 Click-To-Run and updates Outlook to version 15.0.5337.1000.


Outlook 2010 Security Update for April 2021

News

A Security Update has been released for Outlook 2010. It resolves the following vulnerability;

  • CVE-2021-28452: Microsoft Outlook Memory Corruption Vulnerability.
    • This vulnerability is currently not publicly disclosed nor exploited.
    • The Preview Pane is not an attack vector.
    • The Exploitability Assessment is rated: Exploitation Less Likely.

Important!
This is an extra Security Update for Outlook 2010 as it has already reached the end date for Extended Support. It is highly recommended to update to a later version of Outlook or an alternative mail client as soon as possible.

View: Download information for KB4493185

Note: This update can be installed via Microsoft Update and updates Outlook to version 14.0.7268.5000.


Exchange 2019, 2016 and 2013 Security Updates for April 2021

News

Security updates have been released for Exchange 2013, Exchange 2016 and Exchange 2019.

The updates fixes the following Remote Code Execution Vulnerabilities;

None of the vulnerabilities are currently publicly disclosed nor exploited. The Exploitability Assessment is rated: Exploitation More Likely.

View: Exchange Blog: Released: April 2021 Exchange Server Security Updates
View: Microsoft Security Response Center (MSRC) Blog: April 2021 Update Tuesday packages now available
View: Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: April 13, 2021 (KB5001779)

Download: Security Update for Exchange 2019 CU8 and CU9
Download: Security Update for Exchange 2016 CU19 and CU20
Download: Security Update for Exchange 2013 CU23


Outlook for Microsoft 365 Apps Feature Update for March 2021

News

Microsoft released the March feature update of Outlook for Microsoft 365 Apps in the Current Channel (previously known as the Office 365 Monthly Channel).

It comes with 6 new features for Outlook and 5 highlighted fixes. The new features and fixes are listed below;

  • Save time while composing messages
    Outlook shows you writing suggestions that help you compose messages quickly. To accept the suggestion, just use the Tab key.
  • New conference room and workspace booking experience
    The conference room booking experience has been refreshed, and with it we’ve added capabilities to allow you to schedule individual workspaces as well
  • Pick where to search
    The new search scope drop down allows you to more easily modify your search and switch between Current Folder and Current Mailbox. Thank you to everyone in Coming Soon who provided feedback on the new Search at Top experience. This design and update came out of that feedback!
  • Get meeting suggestions when you search for a person
    When you type a person’s name in the Search box, the most relevant email containing calendar invites will be included with your search suggestions.
  • Share to Teams
    Share messages from Outlook with a person or channel in Teams.
  • Draft messages with your voice
    Use the new dictation toolbar, voice commands, auto-punctuation, and more to compose messages.
  • We fixed an issue that caused some users to experience Outlook to close unexpectedly when syncing folder hierarchy changes.
  • We fixed an issue that caused some users to see their primary and secondary calendar switching places in the Navigation Pane.
  • We fixed an issue that caused users to see more signatures than expected.
  • We fixed an issue that caused some people to be unable to access signatures associated with secondary mail accounts.
  • We fixed an issue that caused users of the Cloud Settings feature to see customized settings overridden by default setting after configuring Outlook on a new device.

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook or the Microsoft Store and updates Outlook to: Version 2103 (Build 13901.20312).


Exchange 2019 CU9 and Exchange 2016 CU20

News

Cumulative Update 9 for Exchange 2019 is now available as well as Cumulative Update 20 for Exchange 2016.

They both contain the same 12 documented new fixes or improvements, as well as all previously released fixes and security updates for their respective Exchange version and the latest DST updates. The CU for Exchange 2019 contains 3 additional fixes which did not apply to Exchange 2016.

Notable improvements, changes and fixes are;

  • Includes the security updates to mitigate the zero-day vulnerabilities (HAFNIUM) which were released earlier this month.
  • KB5001184 EAC has no option to select the correct tenant for an Office 365 mailbox.
  • KB5001188 Incorrect MRM properties stamped on mail item delivery when sending to multiple mailboxes on the same database.
  • KB5001192 Microsoft Teams fails to show calendar due to Autodiscover v2 isn’t site aware.
  • KB5001195 UPN specified when creating mailbox is overwritten automatically causing login failures.
  • KB4583558 PDF preview function in OWA leads to download action unexpectedly.
  • KB5001181 Certain search scenario can’t return expected result in Outlook online mode in Exchange Server 2019.
  • 5000631 Event IDs 1003, 1309 and 4999 are logged after installing Exchange Server 2019 CU8.

This release includes no new updates to the Active Directory Schema for Exchange 2019 and Exchange 2016.
The next planned quarterly update is in June 2021. That will be the last planned CU for Exchange 2016.

Exchange 2019: CU9 KB4602570VLSC Download
Exchange 2016: CU20 KB4602569DownloadUM Language Pack
View: Blog post of the Exchange Team about CU9 for Exchange Server 2019 and CU 20 for Exchange 2016.


Outlook 2016 / 2019 / 365 Update for March 2021

News

A new rollup update has been made available for all Click-to-Run installations of Outlook 2016, Outlook 2019 and Outlook as part of a Microsoft 365 subscription.

It contains 7 security updates for Excel (3), PowerPoint (1), Visio (1) and Office (2).

In addition, it contains 1 documented non-security fixes for Outlook Current Version 2102, 7 fixes for Monthly Enterprise Version 2101, and 7 new features and 33 fixes for a completely new Semi-Annual (Preview) Version 2102. Most notable fixes are;

  • Version 2102
    We fixed an issue that caused users to see newly added calendars fail to appear in the navigation pane until after Outlook had been restarted.
  • Version 2101
    We fixed an issue that caused the encryption icon to fail to display on emails sent using the encryption only option.
  • Version 2101
    We fixed an issue that caused issues with displaying the correct default signature in OWA.
  • Version 2101
    We fixed an issue that caused Cloud Settings users to experience a hang when updating settings.
  • Version 2101
    We fixed an issue that caused some users to experience Outlook to close unexpectedly in certain search scenarios.

Some of the new features in Semi-Annual (Preview) Version 2102 are;

  • Help protect data in your group
    The Sensitivity label you choose when creating a group is applied to group email, documents, and team sites.
  • Create polls in Outlook with Quick Poll
    Easily create a poll, collect votes, and view results within an email.
  • New room finder
    Search for conference rooms by different capabilities.
  • Quickly reopen items from previous Outlook session
    We added an option to quickly reopen items from a previous Outlook session.

    This feature is on by default. To turn it off, go to Options > General > Start up Options.

    Outlook closed while you had items open. Reopen those items from your last session?

Based on your release channel, you’ll be updated to the following version;

  • Microsoft 365 Apps, Outlook 2016 Retail, Outlook 2019 Retail
    Version 2102 (Build 13801.20294)
  • Monthly Enterprise
    Version 2101 (Build 13628.20528)
    Version 2012 (Build 13530.20628)
  • Semi-Annual Enterprise (Preview)
    Version 2102 (Build 13801.20294)
  • Semi-Annual Enterprise
    Version 2008 (Build 13127.21348)
    Version 2002 (Build 12527.21348) 
  • Outlook 2019 Volume License
    Version 1808 (Build 10372.20060)

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook itself or the Microsoft Store. This update does not apply to msi-based installations of Office 2016.


Outlook 2016 Update for March 2021

News

A Rollup Update has been released for Outlook 2016. This is a non-security update which contains the following documented fix.

  • This update fixes an issue that causes file attachments to become corrupted in the Office 365 Message Encryption (OME) encrypted messages.

View: Download information for KB4493226

Note: This update can be installed via Microsoft Update and updates Outlook to version 16.0.5134.1000. This update does not apply to Perpetual (Retail) and Microsoft 365 based installations of Office 2016.


Outlook 2013 Update for March 2021

News

A Rollup Update has been released for Outlook 2013. This is a non-security update which contains the following documented fix.

  • This update fixes an issue that causes file attachments to become corrupted in the Office 365 Message Encryption (OME) encrypted messages.

View: Download information for KB4493174

Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 2013 Click-To-Run and updates Outlook to version 15.0.5327.1000.


Exchange 2019, 2016 , 2013 and 2010 Security Updates for March 2021

News

Out-of-Band security updates have been released for Exchange 2019, Exchange 2016, Exchange 2013 and even Exchange 2010 (which has been out of support since October 13, 2020).

The reason for this is because multiple zero-day vulnerabilities exist which are currently being exploited by a nation-state affiliated group.

It is recommended that you start patching immediately beginning with server that are accessible from the Internet (like server publishing Outlook on the Web/OWA and ECP).

The update fixes the following Remote Code Execution Vulnerabilities;

View: Exchange Blog: Released: March 2021 Exchange Server Security Updates
View: On the Issue Blog: New nation-state cyberattacks
View: Microsoft Security Blog: HAFNIUM targeting Exchange Servers with 0-day exploits
View: Microsoft Security Response Center (MSRC) Blog: Multiple Security Updates Released for Exchange Server

Exchange 2019 CU8 – DownloadKB5000871
Exchange 2019 CU7 – DownloadKB5000871
Exchange 2016 CU19 – DownloadKB5000871
Exchange 2016 CU18 – DownloadKB5000871
Exchange 2013 CU23 – DownloadKB5000871
Exchange 2010 SP3 RU32 – DownloadKB5000978

These security updates are also included in Exchange 2019 CU9 and Exchange 2016 CU20.

If you are running an older CU version of Exchange and can’t directly upgrade to the latest CU see; March 2021 Exchange Server Security Updates for older Cumulative Updates of Exchange Server.