A Security Update has been released for Outlook 2016. It resolves the following vulnerabilities;
- CVE-2023-33151: Microsoft Outlook Spoofing Vulnerability
- This vulnerability is currently not publicly disclosed nor exploited.
- Exploitation of the vulnerability requires that a user to click on a specially crafted URL to be compromised by the attacker.
- The Exploitability Assessment is rated: Exploitation Less Likely.
- CVE-2023-35311: Microsoft Outlook Security Feature Bypass Vulnerability
- This vulnerability is currently not publicly disclosed but it is being exploited already.
- Exploitation of the vulnerability requires that a user to click on a specially crafted URL to be compromised by the attacker.
- The Exploitability Assessment is rated: Exploitation Detected.
View: Download information for KB5002427
Note: This update can be installed via Microsoft Update and updates Outlook to version 16.0.5404.1000. This update does not apply to Perpetual (Retail) and Microsoft 365 based installations of Office 2016.
