HowTo-Outlook

A Security Update has been released for Outlook 2013. It resolves the vulnerability mentioned in CVE-2018-8244, which could allow remote code execution via a specially crafted Office file.

Additional fixes in this update;

• If the “PR_EMSMDB_CRED_USERNAME” property is not present in user profiles, some users may experience too many calls to the user principal name (UPN) lookup. To fix this issue, follow the instructions in KB4022165.
• This update adds AES 256 encryption as a supported scheme when Outlook 2013 is in FIPS compliant mode.
• When you forward a meeting request that is created in Outlook 2016, the attachment is missing if the AllowHTMLCalendarContent registry key value is set to 1.
• After you install or update an Outlook add-in, multiple network calls (getAppManifest calls) are made to retrieve Exchange add-in manifest data.
• This update adds translations in all languages for the fix of an issue that caused recipients to be unable to see attachments on meeting requests sent with attachments.

View: Download information for KB4022169

Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 365 and updates Outlook to version 15.0.5041.1000.

A Security Update has been released for Outlook 2010. It resolves the vulnerability mentioned in CVE-2018-8244, which could allow remote code execution via a specially crafted Office file.

View: Download information for KB4022205

Note: This update can be installed via Microsoft Update and updates Outlook to version 14.0.7210.5000.

A Rollup Update has been released for Outlook 2016. This is a non-security update which contains 11 documented improvements and fixes.

Most notable fixes in this update;

• Fixes for rendering issues with the Microsoft Dynamics 365 for Microsoft Outlook add-in and “Waiting for a page to be retrieved from a CRM server…” displays.
• The Outlook client may create duplicate folders for some special folders that are already in the server mailbox.
• This update enables “Advanced Encryption Standard” (AES) algorithm with a 256-bit key length as a supported scheme when Outlook has enabled “Federal Information Processing Standards (FIPS)” Mode.

Office 365 subscribers also got the following new features;

• Listen to your emails
  Outlook can read your email aloud, highlighting text as it’s read.
  File-> Ease of Access-> Show Read Aloud
• Never miss a reminder
  Set reminders to pop up over windows you’re working in. Otherwise, Outlook will blink in the taskbar to get your attention.
  File-> Options-> Advanced-> Reminders-> Show reminders on top of other windows
• Mark deleted items as read
  You can now set any message that you delete as read.
  File-> Options-> Mail-> Other-> Mark messages as read when deleted
• Encrypt option
  Office 365 Message Encryption users can encrypt a message and send it to anyone, inside or outside their organization.
  While composing a message: tab Options-> Permission

View: Download information for KB4018372

Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 365 and updates Outlook to version 16.0.4690.1000 (msi-based installation) or version 1804 build 9226.2114 (Office 365 based installation).

A Rollup Update has been released for Outlook 2013. This is a non-security update which contains 5 documented improvements and fixes.

Most notable fixes in this update;

• Fixes for rendering issues with the Microsoft Dynamics 365 for Microsoft Outlook add-in and “Waiting for a page to be retrieved from a CRM server…” displays.
• When you connect to an IMAP server that does not support UIDPLUS IMAP extensions and network error occurs while moving a message, the moved message is lost.
• When you try to access the content of a public folder, Outlook may crash if it’s connected by using MAPI/HTTP.

View: Download information for KB4018376

Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 365 and updates Outlook to version 15.0.5031.1000.

A Rollup Update has been released for Outlook 2010. It fixes the following issue;

• Fixes for rendering issues with the Microsoft Dynamics 365 for Microsoft Outlook add-in and “Waiting for a page to be retrieved from a CRM server…” displays.

View: Download information for KB4022144

Note: This update can be installed via Microsoft Update and updates Outlook to version 14.0.7208.5000.

A Rollup Update has been released for Outlook 2016. This is a non-security update which contains 8 documented improvements and fixes.

Most notable fixes in this update;

• The custom forms with Visual Basic Script (VBScript) doesn’t run in shared calendars in Outlook.
• When you connect to Microsoft Exchange Server through a metered network, you see that favorite folders disappear from the navigation pane.
• You see that authentication prompts appear behind the active Outlook window and cannot be accessed.
• Adds support for the Sync Slider so that you can specify a long span time to synchronize mails that span 3 years or more in Outlook 2016 via the SyncWindowSettingDays and SyncWindowSetting Registry value.

Office 365 subscribers can now also see a MailTip warning appear if you choose Reply All to a message that you were Bcc’ed on.

View: Download information for KB4018326

Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 365 and updates Outlook to version 16.0.4678.1000 (msi-based installation) or version 1803 build 9126.2116 (Office 365 based installation).

A Rollup Update has been released for Outlook 2013. This is a non-security update which contains 4 documented improvements and fixes.

• The custom forms with Visual Basic Script (VBScript) doesn’t run in shared calendars in Outlook.
• When you send an email from a shared mailbox, the email appears in wrong Sent Items folder in some scenarios.
• Outlook crashes on startup and opens in safe mode when your preferred language list is set to a language that doesn’t have a Local ID Values (LCID). For example, your preferred language is set to Javanese or Malagasy.
• You see that authentication prompts appear behind the active Outlook window and cannot be accessed.

View: Download information for KB4018303

Note: This update can be installed via Microsoft Update or the Update Now button when you are using Office 365 and updates Outlook to version 15.0.5023.1000.

A Rollup Update has been released for Outlook 2010. It resolves the following issue;

• The custom forms with Visual Basic Script doesn’t run in shared calendars in Outlook.

View: Download information for KB4018317

Note: This update can be installed via Microsoft Update and updates Outlook to version 14.0.7197.5000.

Cumulative Update 9 for Exchange 2016 is now available. It contains 34 documented new fixes or improvements, and all previously released fixes and security updates for Exchange 2016 as well as the latest DST updates.

Notable improvements and fixes are;

• TLS 1.2 is now supported.
• KB4054513 Mailbox usage status bar in OWA displays incorrect mailbox usage.
• KB4058379 All cross-forest meeting updates have to be accepted again in Exchange Server 2016 and 2013.
• KB4057290 Incorrect user is returned in the ECP when one user’s display name matches another user’s alias.
• KB4058382 Can’t retrieve time slot information about private calendar items as a delegate on another user’s account in Exchange Server 2016.

This release includes no new updates to the Active Directory Schema.

Download: Cumulative Update 9 for Exchange Server 2016 (KB4055222)
Download: Exchange Server 2016 CU9 UM Language Packs
View: Description of Cumulative Update 9 for Exchange Server 2016
View: Blog post of the Exchange Team about CU9 for Exchange Server 2016