Outlook 2013 Security Update for June 2020

News

A Security Update has been released for Word 2013 which affects Outlook 2013. It resolves the following vulnerability;

  • CVE-2020-1229: Microsoft Outlook Security Feature Bypass Vulnerability
    A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a system. An attacker who successfully exploited this vulnerability could cause a system to load remote images. These images could disclose the IP address of the targeted system to the attacker.Exploitation of the vulnerability requires that a user open a specially crafted image with an affected version of Microsoft Office software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted image to the user.
    The update addresses the vulnerability by changing how remote images are processed in Outlook.

View: Download information for KB4484361

Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 2013 Click-To-Run and updates Outlook to version 15.0.5249.1000.


Sperry Software
Use "BH93RF24" to get a discount when ordering!

Outlook 2010 Security Update for June 2020

News

A Security Update has been released for Word 2010 which affects Outlook 2010. It resolves the following vulnerability;

  • CVE-2020-1229: Microsoft Outlook Security Feature Bypass Vulnerability
    A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a system. An attacker who successfully exploited this vulnerability could cause a system to load remote images. These images could disclose the IP address of the targeted system to the attacker.Exploitation of the vulnerability requires that a user open a specially crafted image with an affected version of Microsoft Office software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted image to the user.
    The update addresses the vulnerability by changing how remote images are processed in Outlook.

View: Download information for KB4484380

Note: This update can be installed via Microsoft Update and updates Word to version 14.0.7252.5000.


Outlook for Office 365 Feature Update for May 2020

News

We just started June but Microsoft has now released the May feature update of Outlook for Office 365 (Monthly Channel) and it comes with 4 new features for Outlook and 3 highlighted fixes. There is also a feature change for Skype for Business affecting its Outlook Add-in.

  • Help protect data in your group
    The Sensitivity label you choose when creating a group is applied to group email, documents, and team sites
  • Better results—in a jiffy
    We’ve updated the Search experience to make it smarter, faster, and more reliable than ever.
  • Tell your stories with animated GIFs
    Animated GIFs are now supported in the Office editor – your documents just got snazzier (when composing an email; animated GIFs were already supported for emails you receive).
  • Calendar gets a makeover
    See visual updates that make your calendar easier to scan.
  • Addressed an issue with the clp auditing event for the reply/forward label.
  • Addressed an issue that caused users of Windows 10 server versions to see the warning “Antivirus status: Invalid”. This version of Windows supports antivirus detection, but no antivirus was found despite having anti virus correctly installed.
  • Addressed an issue that caused users to experience a crash when submitting feedback from an Admin Notification.
  • Skype; When a user is given a policy that moves them to Teams Only, they were still able to use the Skype for Business Outlook add-in to schedule meetings. After this update, you will no longer be able to schedule Skype for Business meetings after the client reads the policy indicating the user is Teams Only, and enters meeting join only mode. Additionally the Skype for Business Outlook Add-in will not activate itself while starting up if it sees the Skype for Business client is in meeting join only mode.

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook or the Microsoft Store and updates Outlook to: Version 2005 (Build 12827.20268).


Outlook 2016 / 2019 / 365 Update for May 2020

News

A new rollup update has been made available for all Click-to-Run installations of Outlook 2016, Outlook 2019 and Outlook as part of an Office 365 subscription.

It contains 1 security update for Excel.

In addition, it contains 1 documented non-security fixes for Outlook Monthly 2004, 6 for Monthly Enterprise 2003, 4 for Monthly Enterprise 2002, 4 for Semi-Annual (Targeted) 2002, 4 for Semi-Annual 1908, and 2 for Semi-Annual 1902. Most notable fixes are;

  • Version 2004
    Addresses an issue that caused users to experience a crash when displaying toast notifications.
  • Version 2003
    Addressed an issue that caused users to experience crashes in third party MAPI applications.
  • Version 2003 and 2002
    Addressed an issue that caused the width of the folder pane to change unexpectedly.
  • Version 2003, 2002, 1908 and 1902
    Addressed an issue that caused Outlook to crash when opening .msg or .oft files that were saved locally after a Windows update.
  • Version 1908
    Addressed an issue that caused users to experience a crash when selecting certain search results.
  • Version 1908
    Addressed an issue that caused the “Save to Cloud” button to be missing from Attachment Tools.

And yes, the Monthly Enterprise Channel is indeed a new addition to Microsoft 365 Apps (previously: Office 365).

Based on your release channel, you’ll be updated to the following version;

  • Office 365, Outlook 2016 Retail, Outlook 2019 Retail
    Version 2004 (Build 12730.20270)
  • Office 365 Monthly Enterprise
    Version 2003 (Build 12624.20588)
    Version 2002 (Build 12527.20612)
  • Office 365 Semi Annual (Targeted)
    Version 2002 (Build 12527.20612)
  • Office 365 Semi-Annual
    Version 1908 (Build 11929.20776)
    Version 1902 (Build 11328.20586) 
  • Outlook 2019 Volume License
    Version 1808 (Build 10359.20023)

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook itself or the Microsoft Store. This update does not apply to msi-based installation of Office 2016.


Outlook 2016 (MSI) Update for May 2020

News

A Rollup Update has been released for Outlook 2016. This is a non-security update which contains the following documented improvements fixes.

  • Fixes an issue that causes the Last Modified property of a file to be updated. This occurs when you add an attachment to an email message or save an attachment from an email message by dragging and dropping it (as opposed to through a menu).
  • Fixes the following issues that occur when you use Outlook 2016 together with an IMAP account:
    • The message size of saved or sent items is displayed as “0 B.”
    • The attachment icon isn’t displayed in the message list for items that have attachments.
  • Fixes an issue that causes the Peek view of Outlook Calendar to occasionally display incorrectly.
  • Addresses an issue that prevents users in the Saratov time zone (GMT+4) from opening a single instance in a meeting series.
  • Addresses an issue that causes Outlook to crash when a user forwards a message from which attachments have been removed.
  • Addresses an issue that causes the retention information bar to show items incorrectly in the Deleted Items folder as “expired.”
  • The Open this task button in the WORKFLOW TASK prompt is unresponsive for certain email messages.
    Outlook crashes when you try to mark messages as read from the Unread folder.

View: Download information for KB4484343

Note: This update can be installed via Microsoft Update and updates Outlook to version 16.0.5005.1000. This update does not apply to Perpetual and Office 365 based installations of Office 2016.


Outlook for Office 365 Feature Update for April 2020

News

Microsoft has just released the April feature update of Outlook for Office 365 (Monthly Channel) and it comes with 3 new features for Outlook and 5 highlighted fixes.

  • Join meetings without leaving your inbox
    No need to switch to your calendar to join online meetings. With the Calendar pinned to the To-Do pane, join any meeting with just one click.
  • New images to bring your messages to life
    Thousands of royalty-free stock images, icons, and stickers you can use in your email messages. Go to Insert > Pictures > Stock Images to get started.
  • New room finder
    Search for conference rooms by different capabilities.
  • Addressed an issue that caused the width of the folder pane to change unexpectedly.
  • Addressed an issue that caused Outlook to crash on some builds of Windows.
  • Addressed an issue that caused Outlook to crash when opening .msg or .oft files that were saved locally after a Windows update.
  • Addressed an issue that caused Outlook to crash on some builds of Windows.
  • Addressed an issue that caused users to experience a hang while exiting Outlook.

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook or the Microsoft Store and updates Outlook to: Version 2004 (Build 12730.20236).


Outlook 2016 / 2019 / 365 Update for April 2020

News

A new rollup update has been made available for all Click-to-Run installations of Outlook 2016, Outlook 2019 and Outlook as part of an Office 365 subscription.

It contains 6 security updates for Excel (2), Word (1) and Office (3). The following vulnerability and its fix also affects Outlook;

  • CVE-2020-0760: Microsoft Office Remote Code Execution Vulnerability
    A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
    To exploit the vulnerability, an attacker must first convince a user to open a specially crafted Office document.
    The updates address the vulnerability by correcting how Office handles type libraries.

Note: Some types of Visual Basic for Applications (VBA) references might be affected by this update. For more information, see FAQ for VBA solutions affected by April 2020 Office security updates.

In addition, it contains 1 documented non-security fixes for Outlook Monthly, 2 for Semi-Annual 1908 and 4 for Semi-Annual (Targeted) 2002. Most notable fixes are;

  • Monthly and Targeted: Addressed an issue that caused users to occasionally experience a crash when using the X button on the mouse.
  • Targeted: Addressed an issue that caused the Save to Cloud button to be missing from Attachment Tools.
  • Semi-Annual 1908: Addressed an issue that caused customers to see an empty room list in some scenarios.
  • Semi-Annual 1908:
    Addressed an issue that caused users to experience a crash when shutting down Outlook.

Based on your release channel, you’ll be updated to the following version;

  • Office 365, Outlook 2016 Retail, Outlook 2019 Retail
    Version 2003 (Build 12624.20442)
  • Office 365 Semi Annual (Targeted)
    Version 2002 (Build 12527.20442)
  • Office 365 Semi Annual
    Version 1908 (Build 11929.20708)
    Version 1902 (Build 11328.20564) 
  • Outlook 2019 Volume License
    Version 1808 (Build 10358.20061)

Note: Depending on your installation type, this update can be installed via the Update Now button in Outlook itself or the Microsoft Store. This update does not apply to msi-based installation of Office 2016.


Outlook 2016 (MSI) Security Update for April 2020

News

A Security Update has been released for Outlook 2016. It resolves the following vulnerability;

  • CVE-2020-0760: Microsoft Office Remote Code Execution Vulnerability
    A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
    To exploit the vulnerability, an attacker must first convince a user to open a specially crafted Office document.
    The updates address the vulnerability by correcting how Office handles type libraries.

Note: Some types of Visual Basic for Applications (VBA) references might be affected by this update. For more information, see FAQ for VBA solutions affected by April 2020 Office security updates.

This update also contains 3 additional fixes or improvements for non-security issues;

  • Makes updates to the United Kingdom holidays in the Outlook holiday file (Outlook.HOL). If the United Kingdom holidays have been added to your Outlook Desktop calendar, delete the existing events before you apply this update. For more information about how to update holidays, see Holiday updates for the Outlook Calendar.
  • Fixes an issue that prevents users from reopening an .msg file after they drag and drop an attachment from that message.
  • Fixes an issue in which Outlook makes unnecessary requests to fetch web add-ins from Exchange.

View: Download information for KB4484274

Note: This update can be installed via Microsoft Update and updates Outlook to version 16.0.4993.1001. This update does not apply to Perpetual and Office 365 based installations of Office 2016.


Outlook 2013 Security Update for April 2020

News

A Security Update has been released for Outlook 2013. It resolves the following vulnerability;

  • CVE-2020-0760: Microsoft Office Remote Code Execution Vulnerability
    A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
    To exploit the vulnerability, an attacker must first convince a user to open a specially crafted Office document.
    The updates address the vulnerability by correcting how Office handles type libraries.

Note: Some types of Visual Basic for Applications (VBA) references might be affected by this update. For more information, see FAQ for VBA solutions affected by April 2020 Office security updates.

View: Download information for KB4484281

Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 2013 Click-To-Run and updates Outlook to version 15.0.5233.1000.


Outlook 2010 Security Update for April 2020

News

A Security Update has been released for Outlook 2010. It resolves the following vulnerability;

  • CVE-2020-0760: Microsoft Office Remote Code Execution Vulnerability
    A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
    To exploit the vulnerability, an attacker must first convince a user to open a specially crafted Office document.
    The updates address the vulnerability by correcting how Office handles type libraries.

Note: Some types of Visual Basic for Applications (VBA) references might be affected by this update. For more information, see FAQ for VBA solutions affected by April 2020 Office security updates.

View: Download information for KB4484284

Note: This update can be installed via Microsoft Update and updates Outlook to version 14.0.7248.5000.