A Security Update has been released for Outlook 2013. In addition to resolving the vulnerability, it also contains 15 documented improvements and fixes.
Most notable fixes are;
- Resolves the vulnerabilities mentioned in Microsoft Security Bulletin MS16-099 which could allow remote code execution if a user opens a specially crafted Office file.
- Recipients on email sent programmatically in Outlook aren’t added to the user’s nickname cache. This can now be controlled via the EnableNicknameWithOM Registry value.
- After failing an initial logon, a subsequent retry may cause the following message to be incorrectly displayed:
The Microsoft Exchange administrator has made a change that requires you quit and restart Outlook. - You can’t open Mail in Control Panel if you have Outlook 2013 Click-to-Run installed.
View: Download information for KB3115452
Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 365 and updates Outlook to version 15.0.4849.1000.