HowTo-Outlook

The April security and rollup update has been made available for all Click-to-Run installations of Outlook 2016, Outlook 2019, Outlook 2021 and Outlook as part of a Microsoft 365 subscription.

It contains 1 security update for Excel.

In addition, it contains 15 non-security fixes related to Outlook Monthly Enterprise Version 2402, 3 fixes related to Outlook Semi-Annual (Preview) Version 2402, and 1 fix related to Outlook Semi-Annual Version 2308 and 2302. Most notable fixes are;

• Version 2402, 2308 and 2303
• We fixed an issue that caused the following symptoms:
• Users were unable to recall a message in some environments.
• Users were unable to address synchronization conflicts
• Users were unable to load forms from third party MAPI forms servers.
• Version 2402
• We fixed an issue that caused Outlook to exit unexpectedly after attaching an Outlook item from the Insert tab.
• We fixed an issue that caused some users to see Outlook exiting unexpectedly when clicking a hyperlink.
• We fixed an issue with mail view appearing blank for an extended time when switching folders.
• We fixed an issue that caused Outlook to exit unexpectedly when expanding a conversation in the search results from a search of “All Mailboxes.”
• We fixed an issue where users were unable to send emails from QuickBooks, as described in the following article: Unable to send emails from QuickBooks using Outlook Desktop after update to Version 2402.

Based on your release channel, you’ll be updated to the following version;

• Microsoft 365 Apps, Outlook 2016 Retail, Outlook 2019 Retail, Outlook 2021 Retail
  Version 2403 (Build 17425.20176)
• Monthly Enterprise
  Version 2402 (Build 17328.20282)
  Version 2401 (Build 17231.20304)
• Semi-Annual Enterprise (Preview)
  Version 2402 (Build 17328.20282)
• Semi-Annual Enterprise
  Version 2308 (Build 16731.20636)
  Version 2302 (Build 16130.20960) 
• Outlook LTSC 2021
  Version 2108 (Build 14332.20685)
• Outlook 2019 Volume Licensed
  Version 1808 (Build 10409.20028)

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook itself or the Microsoft Store. This update does not apply to msi-based installations of Office 2016.

A Cumulative Update has been released for Outlook 2016. It resolves the following issues;

• Introduces a new group policy to block the external card Loop feature.
  The following three states are created for the new policy to make sure that Outlook follows the policy setting:
  • Don’t show automatically
  • Only show automatically within tenant
  • Always show automatically
• Fixes an issue in which the Group Policy Editor (gpedit.msc) doesn’t load correctly after you create a new policy for the blocked external card Loop.

View: Download information for KB5002574

Note: This update can be installed via Microsoft Update and updates Outlook to version 16.0.5442.1000. This update does not apply to Perpetual (Retail) and Microsoft 365 based installations of Office 2016.

Microsoft has released the March 2024 feature update of Outlook for Microsoft 365 Apps in the Current Channel.

There is no new feature for Outlook, but OneNote contains a Preview of the New Sticky Notes app. These notes are stored within your Outlook mailbox (Exchange Online or Outlook.com) but gives you a much better “small-note” taking experience than within Outlook itself.

There are 7 fixes for Outlook and 2 fixes that are also related to Outlook. One of these fixes is for Word and the other for general Office components.

• We fixed an issue that caused some users to receive a Non Delivery Report when attempting to reply to or forward a message.
• We fixed an issue with user and shared mailboxes where a message sent from a user with saved to Sent Items folder enabled and where DelegateSentItemsStyle is set to 1 is saved in the shared mailbox Sent Items folder.
• We fixed an issue where Office add-ins disappeared from the ribbon.
• We fixed an issue that affected all-day meetings with a reminder on the day of. The meeting did not open, and an error message was displayed.
• We fixed an issue that caused the following symptoms:
  • Users were unable to recall a message in some environments.
  • Users were unable to address synchronization conflicts
  • Users were unable to load forms from third party MAPI forms servers.
• We fixed an issue that caused some Webview-based addins to encounter authentication errors that caused them to be unable to be loaded in the task pane.
• We fixed an issue that caused Outlook to exit unexpectedly when attaching an Outlook item from the Insert tab.
• We fixed an issue that prevented users from receiving emails created using Mail Merge. (Word)
• We fixed an issue where a mandatory sensitivity label was not applied or prompted for if an email was sent from the Drafts-folder. (Office)

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook or the Microsoft Store and updates Outlook to: Version 2403 (Build 17425.20146).

The March security and rollup update has been made available for all Click-to-Run installations of Outlook 2016, Outlook 2019, Outlook 2021 and Outlook as part of a Microsoft 365 subscription.

It contains 1 security update for Shared Office Components.

In addition, it contains 2 non-security fix related to Outlook Current Channel Version 2402, 1 fix related to Outlook Monthly Enterprise Version 2401, and 1 fix related to Outlook Semi-Annual Version 2308.

• Version 2402
• We fixed an issue where users were unable to send emails from QuickBooks.
• We fixed an issue that caused some users to see Outlook exiting unexpectedly when clicking a hyperlink.
• Version 2401
• We fixed an issue where meetings spanning a full day were appearing in meeting details on the following day. (OneNote)
• Version 2308
• We fixed an issue that caused Mail Tips to not appear for attachments.

Version 2402 has now also been released to the Semi-Annual Enterprise Channel (Preview) and contains 1 highlighted new features and over 31 fixes related to Outlook, which have been made available already to the Current release channel too. The new feature is;

• Sensitivity Label scoping between files, emails and meetings
  Office applications can now filter out sensitivity labels based on the document type. For example, Outlook email will no longer show labels that only apply to Word, Excel, and PowerPoint documents.

Based on your release channel, you’ll be updated to the following version;

• Microsoft 365 Apps, Outlook 2016 Retail, Outlook 2019 Retail, Outlook 2021 Retail
  Version 2402 (Build 17328.20184)
• Monthly Enterprise
  Version 2401 (Build 17231.20290)
  Version 2312 (Build 17126.20216)
• Semi-Annual Enterprise (Preview)
  Version 2402 (Build 17328.20184)
• Semi-Annual Enterprise
  Version 2308 (Build 16731.20600)
  Version 2302 (Build 16130.20928) 
• Outlook LTSC 2021
  Version 2108 (Build 14332.20651)
• Outlook 2019 Volume Licensed
  Version 1808 (Build 10408.20002)

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook itself or the Microsoft Store. This update does not apply to msi-based installations of Office 2016.

Security updates have been released for Exchange 2016 and Exchange 2019.

The updates fix the following vulnerability and implements a security advisory;

• CVE-2024-26198: Microsoft Exchange Server Remote Code Execution Vulnerability
• ADV24199947: Microsoft announces the deprecation of Oracle’s libraries in Exchange Server

The vulnerability currently isn’t publicly disclosed nor exploited. And even though it is rated as “Exploitation Less Likely”, it is still recommended to update as soon as possible.

The updates also contains the following non-security issue;

• EWS search request displays inaccurate results

However, these updates also come with 3 known issues;

• OutsideInModule is disabled
• Download domains not working
• OwaDeepTestProbe and EacBackEndLogonProbe fail

View: Exchange Blog: Released: March 2024 Exchange Server Security Updates

Exchange 2019 CU14 SU1 – Download – KB5036401
Exchange 2019 CU13 SU5 – Download – KB5036402
Exchange 2016 CU23 SU12 – Download – KB5036386

Microsoft has released the February 2024 feature update of Outlook for Microsoft 365 Apps in the Current Channel.

Just like last month, there is not a single new feature for any of the Office applications but quite a number of fixes.

There are 8 fixes for Outlook and 2 fixes that are also related to Outlook. One of these fixes is for Word and the other for general Office components.

• We fixed an issue that caused Outlook to exit unexpectedly when expanding a conversation in the search results from a search of “All Mailboxes.”
• We fixed an issue that caused Outlook to unexpectedly exit shortly after launching for some users.
• We fixed an issue that caused 3rd party MAPI applications to be unable to retrieve licensing information.
• Fixed an issue with mail view appearing blank for an extended time when switching folders.
• We fixed an issue that caused Outlook to exit unexpectedly when attaching an Outlook item (such as an email message) from the insert tab.
• We fixed an issue that caused Outlook to exit unexpectedly when adding an attachment in some scenarios.
• We fixed an issue where a Meeting window would not close and the meeting would not get added to the organizer’s calendar if an image had previously been added into the body of the message and the organizer was attempting to reopen the meeting and add new attendees.
• We fixed an issue that caused users to be unable to synchronize email with the Exchange ActiveSync protocol.
• We fixed an issue where the font would switch from Aptos to Times New Roman when typing in a new email. (Word)
• We fixed an issue that caused event based add-ins to be unable to display the Info Bar in Win32 Outlook. (Office)

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook or the Microsoft Store and updates Outlook to: Version 2402 (Build 17328.20142).

The February security and rollup update has been made available for all Click-to-Run installations of Outlook 2016, Outlook 2019, Outlook 2021 and Outlook as part of a Microsoft 365 subscription.

It contains 6 security updates for Outlook (2), Visio (1), Word (1), and Office (2). The details about the Outlook vulnerabilities can be found below;

• CVE-2024-21378: Microsoft Outlook Remote Code Execution Vulnerability
  • This vulnerability is currently not publicly disclosed nor exploited.
  • Exploitation of the vulnerability requires that a user open a specially crafted file.
  • The Preview Pane is an attack vector.
  • The Exploitability Assessment is rated: Exploitation More Likely.

• CVE-2024-21402: Microsoft Outlook Remote Code Execution Vulnerability
• This vulnerability is currently not publicly disclosed nor exploited.
• If the attacker successfully exploits the vulnerability, the attacker would gain the rights of the user that is running the affected application.
• The Exploitability Assessment is rated: Exploitation Less Likely.

In addition, it contains 1 non-security fix related to Outlook Current Channel Version 2401, and 7 fixes related to Outlook Monthly Enterprise Version 2312.

• 2401
• We fixed an issue where the App Search bar was unexpectedly appearing above the message list in Outlook 2016 and Outlook 2019.
• 2312
• We fixed an issue that caused Outlook to exit unexpectedly when opening embedded mail attachments in another application.
• We fixed an issue where the list of invalid recipients was showing duplicates.
• We fixed an issue where Mail Tips were not showing for attachments.
• We fixed an issue that caused Data Loss Prevention features to be unexpectedly disabled when disabling Optional Connected Experiences.
• We fixed an issue where Skype for Business was shutting down unexpectedly at start up.
• We fixed an issue where the message list was blank when switching between the “Focused” and “Other” views.
• We fixed an issue that caused Outlook to exit unexpectedly after discarding an edit to a received single instance meeting.

Based on your release channel, you’ll be updated to the following version;

• Microsoft 365 Apps, Outlook 2016 Retail, Outlook 2019 Retail, Outlook 2021 Retail
  Version 2401 (Build 17231.20236)
• Monthly Enterprise
  Version 2312 (Build 17126.20190)
  Version 2311 (Build 17029.20178)
• Semi-Annual Enterprise (Preview)
  Version 2308 (Build 16731.20550)
• Semi-Annual Enterprise
  Version 2308 (Build 16731.20550)
  Version 2302 (Build 16130.20916)
  Version 2208 (Build 15601.20870) 
• Outlook LTSC 2021
  Version 2108 (Build 14332.20637)
• Outlook 2019 Volume Licensed
  Version 1808 (Build 10407.20032)

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook itself or the Microsoft Store. This update does not apply to msi-based installations of Office 2016.

Cumulative Update 14 for Exchange 2019 is now available. With the new release model, it is officially called; The 2024 H1 Cumulative Update (CU) for Exchange Server 2019.

Exchange 2019 CU14 includes the following major changes;

• Extended Protection enabled by default
  Originally released in August 2022, Exchange Server Extended Protection support will now be enabled by default. This applies to the server on which it is installed and will happen when running setup.
  As setup does not validate EP readiness, make sure you run the Exchange Server Health Checker script and verify the Prerequisites for enabling Extended Protection on Exchange server.
  To prevent setup from enabling EP, run setup from a command line wit either the /DoNotEnableEP or /DoNotEnableEPFEEWS switch.
• CVE-2024-21410 information
  To address CVE-2024-21410 (which got released today), you’ll need to enable Extended Protection. This also applies to any previous version of CU of Exchange 2019 as well as Exchange 2016 and even Exchange 2013 and not just Exchange 2019 CU14. For more information see; Exchange Server support for Windows Extended Protection.
• .NET Framework 4.8.1 support on Windows Server 2022

There are 18 additional fixes documented for this release. A few notable ones are;

• KB5035443: Read receipts are returned if ActiveSyncSuppressReadReceipt is “True” in Exchange Server 2019
• KB5035453: Issues in Exchange or Teams when you try to delegate information
• KB5035455: MSExchangeIS stops responding and returns “System.NullReferenceExceptions” multiple times per day
• KB5035494: Modern attachment doesn’t work when web proxy is used in Exchange Server 2019
• KB5035495: OWA displays junk operations even if junk mail reporting is disabled
• KB5035542: Remote equipment and room mailboxes can now be managed through EAC
• KB5035617: Transport rules aren’t applied to multipart or alternative messages

This release does not include new updates to the Active Directory Schema for Exchange 2019.

Exchange 2019 is scheduled for later this year and will include support for TLS 1.3.

Exchange 2019: CU14 KB5035606 – Download
View: Blog post of the Exchange Team about CU14 for Exchange Server 2019

Note: Exchange 2016 has reached its Extended Support phase and CU23 was the last CU for it. This means that from now on, it will only receive Security Updates.

A Security Update has been released for Outlook 2016. It resolves the following vulnerability;

• CVE-2024-21378: Microsoft Outlook Remote Code Execution Vulnerability
  • This vulnerability is currently not publicly disclosed nor exploited.
  • Exploitation of the vulnerability requires that a user open a specially crafted file.
  • The Preview Pane is an attack vector.
  • The Exploitability Assessment is rated: Exploitation More Likely.

View: Download information for KB5002543

Note: This update can be installed via Microsoft Update and updates Outlook to version 16.0.5430.1000. This update does not apply to Perpetual (Retail) and Microsoft 365 based installations of Office 2016.

Microsoft has released the January 2024 feature update of Outlook for Microsoft 365 Apps in the Current Channel.

However, this time there is not a single new feature for any of the Office applications but just a couple of fixes.

There is 1 only fix for Outlook and 1 fix for OneNote that is also related to Outlook.

• We fixed an issue that caused Outlook to exit unexpectedly after discarding an edit to a received single instance meeting.
• We fixed an issue where meetings spanning a full day were appearing in meeting details on the following day. (OneNote)

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook or the Microsoft Store and updates Outlook to: Version 2401 (Build 17231.20182).